Overview

overview

10

Static

static

1

URLScan

urlscan

http://d

windows7-x64

3

http://d

windows10-ltsc_2021-x64

7

http://d

windows11-21h2-x64

10

Analysis

  • max time kernel
    841s
  • max time network
    839s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250314-en
  • resource tags

    arch:x64arch:x86image:win11-20250314-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    16/03/2025, 05:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://d

Score
10/10
chimeradiscoverypersistenceransomwarespywarestealer

Malware Config

Signatures

  • Chimera 64 IoCs

    Ransomware which infects local and network files, often distributed via Dropbox links.

    ransomwarechimera
  • Chimera Ransomware Loader DLL 1 IoCs

    Drops/unpacks executable file which resembles Chimera's Loader.dll.

    ransomware
  • Chimera family
    chimera
  • Renames multiple (3281) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Executes dropped EXE 2 IoCs
  • Loads dropped DLL 2 IoCs
  • Reads user/profile data of web browsers 3 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Adds Run key to start application 2 TTPs 2 IoCs
    persistence
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Drops desktop.ini file(s) 26 IoCs
  • Looks up external IP address via web service 1 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 64 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 10 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Enumerates system info in registry 2 TTPs 6 IoCs
  • Modifies Internet Explorer settings 1 TTPs 29 IoCs
    adwarespyware
  • Modifies data under HKEY_USERS 3 IoCs
  • Modifies registry class 10 IoCs
  • NTFS ADS 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 15 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 21 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://d
    1⤵
    • Loads dropped DLL
    • Drops file in Windows directory
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Modifies registry class
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:5456
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x240,0x244,0x248,0x23c,0x25c,0x7ff9907bf208,0x7ff9907bf214,0x7ff9907bf220
      2⤵
        PID:5460
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1872,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=2436 /prefetch:11
        2⤵
          PID:4904
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2408,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=2404 /prefetch:2
          2⤵
            PID:4912
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2240,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=2552 /prefetch:13
            2⤵
              PID:4864
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3404,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=3308 /prefetch:1
              2⤵
                PID:5088
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3412,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=3312 /prefetch:1
                2⤵
                  PID:4948
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=4624,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=4596 /prefetch:1
                  2⤵
                    PID:2220
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --always-read-main-dll --field-trial-handle=3528,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=3720 /prefetch:1
                    2⤵
                      PID:2088
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4836,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=4848 /prefetch:14
                      2⤵
                        PID:3556
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4844,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=4900 /prefetch:14
                        2⤵
                          PID:1184
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5524,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=5520 /prefetch:14
                          2⤵
                            PID:2316
                          • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5544,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=5632 /prefetch:14
                            2⤵
                              PID:2728
                            • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5544,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=5632 /prefetch:14
                              2⤵
                                PID:236
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5928,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=5612 /prefetch:14
                                2⤵
                                  PID:872
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5592,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=6084 /prefetch:14
                                  2⤵
                                    PID:3780
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\cookie_exporter.exe
                                      cookie_exporter.exe --cookie-json=1128
                                      3⤵
                                        PID:5772
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --always-read-main-dll --field-trial-handle=5872,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=6316 /prefetch:1
                                      2⤵
                                        PID:1592
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --always-read-main-dll --field-trial-handle=3612,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=3588 /prefetch:1
                                        2⤵
                                          PID:3912
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --always-read-main-dll --field-trial-handle=6528,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=6468 /prefetch:1
                                          2⤵
                                            PID:796
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --always-read-main-dll --field-trial-handle=4520,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=6652 /prefetch:1
                                            2⤵
                                              PID:3560
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --always-read-main-dll --field-trial-handle=3556,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=3576 /prefetch:1
                                              2⤵
                                                PID:5040
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --always-read-main-dll --field-trial-handle=6892,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=6916 /prefetch:1
                                                2⤵
                                                  PID:4644
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3604,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=5408 /prefetch:14
                                                  2⤵
                                                    PID:1808
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5600,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=7312 /prefetch:14
                                                    2⤵
                                                      PID:1016
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5896,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=568 /prefetch:14
                                                      2⤵
                                                        PID:2744
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7348,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=7416 /prefetch:14
                                                        2⤵
                                                          PID:3468
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7108,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=7084 /prefetch:14
                                                          2⤵
                                                            PID:5852
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5228,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=5104 /prefetch:14
                                                            2⤵
                                                              PID:2920
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5860,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=6212 /prefetch:14
                                                              2⤵
                                                              • NTFS ADS
                                                              PID:1684
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --always-read-main-dll --field-trial-handle=7464,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=3000 /prefetch:1
                                                              2⤵
                                                                PID:5044
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=7428,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=5160 /prefetch:10
                                                                2⤵
                                                                • Suspicious behavior: EnumeratesProcesses
                                                                PID:5688
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5144,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=4468 /prefetch:14
                                                                2⤵
                                                                  PID:3388
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6452,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=5324 /prefetch:14
                                                                  2⤵
                                                                    PID:3780
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5516,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=5324 /prefetch:14
                                                                    2⤵
                                                                      PID:2832
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5664,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=5112 /prefetch:14
                                                                      2⤵
                                                                        PID:4624
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6180,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=5136 /prefetch:14
                                                                        2⤵
                                                                          PID:5764
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7200,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=2600 /prefetch:14
                                                                          2⤵
                                                                            PID:4848
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7128,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=5304 /prefetch:14
                                                                            2⤵
                                                                              PID:4692
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6684,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=5140 /prefetch:14
                                                                              2⤵
                                                                                PID:4196
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --always-read-main-dll --field-trial-handle=5684,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=6696 /prefetch:1
                                                                                2⤵
                                                                                  PID:5864
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --always-read-main-dll --field-trial-handle=7048,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=7032 /prefetch:1
                                                                                  2⤵
                                                                                    PID:5276
                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6496,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=4772 /prefetch:14
                                                                                    2⤵
                                                                                      PID:5828
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --always-read-main-dll --field-trial-handle=5864,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=5692 /prefetch:1
                                                                                      2⤵
                                                                                        PID:1220
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4892,i,16386640528491525308,12681209509874291837,262144 --variations-seed-version --mojo-platform-channel-handle=7236 /prefetch:14
                                                                                        2⤵
                                                                                          PID:5988
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
                                                                                          2⤵
                                                                                          • Loads dropped DLL
                                                                                          • Drops file in Windows directory
                                                                                          • Enumerates system info in registry
                                                                                          • Modifies data under HKEY_USERS
                                                                                          • Modifies registry class
                                                                                          • Suspicious behavior: EnumeratesProcesses
                                                                                          PID:2628
                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x240,0x244,0x248,0x23c,0x2f4,0x7ff9907bf208,0x7ff9907bf214,0x7ff9907bf220
                                                                                            3⤵
                                                                                              PID:5516
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1848,i,16728433002131151850,17859226912884005942,262144 --variations-seed-version --mojo-platform-channel-handle=2152 /prefetch:11
                                                                                              3⤵
                                                                                                PID:4900
                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2024,i,16728433002131151850,17859226912884005942,262144 --variations-seed-version --mojo-platform-channel-handle=2016 /prefetch:2
                                                                                                3⤵
                                                                                                  PID:432
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2404,i,16728433002131151850,17859226912884005942,262144 --variations-seed-version --mojo-platform-channel-handle=2668 /prefetch:13
                                                                                                  3⤵
                                                                                                    PID:2832
                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4504,i,16728433002131151850,17859226912884005942,262144 --variations-seed-version --mojo-platform-channel-handle=4528 /prefetch:14
                                                                                                    3⤵
                                                                                                      PID:456
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4504,i,16728433002131151850,17859226912884005942,262144 --variations-seed-version --mojo-platform-channel-handle=4528 /prefetch:14
                                                                                                      3⤵
                                                                                                        PID:2584
                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4600,i,16728433002131151850,17859226912884005942,262144 --variations-seed-version --mojo-platform-channel-handle=4204 /prefetch:14
                                                                                                        3⤵
                                                                                                          PID:5280
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=568,i,16728433002131151850,17859226912884005942,262144 --variations-seed-version --mojo-platform-channel-handle=4192 /prefetch:14
                                                                                                          3⤵
                                                                                                            PID:4412
                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4524,i,16728433002131151850,17859226912884005942,262144 --variations-seed-version --mojo-platform-channel-handle=4496 /prefetch:14
                                                                                                            3⤵
                                                                                                              PID:5952
                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4164,i,16728433002131151850,17859226912884005942,262144 --variations-seed-version --mojo-platform-channel-handle=4808 /prefetch:14
                                                                                                              3⤵
                                                                                                                PID:4560
                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3352,i,16728433002131151850,17859226912884005942,262144 --variations-seed-version --mojo-platform-channel-handle=2944 /prefetch:14
                                                                                                                3⤵
                                                                                                                  PID:484
                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=2640,i,16728433002131151850,17859226912884005942,262144 --variations-seed-version --mojo-platform-channel-handle=5108 /prefetch:14
                                                                                                                  3⤵
                                                                                                                    PID:864
                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=4724,i,16728433002131151850,17859226912884005942,262144 --variations-seed-version --mojo-platform-channel-handle=4836 /prefetch:10
                                                                                                                    3⤵
                                                                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                                                                    PID:3204
                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4120,i,16728433002131151850,17859226912884005942,262144 --variations-seed-version --mojo-platform-channel-handle=4224 /prefetch:14
                                                                                                                    3⤵
                                                                                                                      PID:5452
                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4896,i,16728433002131151850,17859226912884005942,262144 --variations-seed-version --mojo-platform-channel-handle=3172 /prefetch:14
                                                                                                                      3⤵
                                                                                                                        PID:3520
                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
                                                                                                                    1⤵
                                                                                                                      PID:4844
                                                                                                                    • C:\Windows\system32\svchost.exe
                                                                                                                      C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
                                                                                                                      1⤵
                                                                                                                        PID:3420
                                                                                                                      • C:\Windows\system32\BackgroundTransferHost.exe
                                                                                                                        "BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.13
                                                                                                                        1⤵
                                                                                                                        • Modifies registry class
                                                                                                                        PID:5164
                                                                                                                      • C:\Windows\System32\oobe\UserOOBEBroker.exe
                                                                                                                        C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
                                                                                                                        1⤵
                                                                                                                          PID:1588
                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
                                                                                                                          C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
                                                                                                                          1⤵
                                                                                                                          • System Location Discovery: System Language Discovery
                                                                                                                          PID:2700
                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
                                                                                                                          C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
                                                                                                                          1⤵
                                                                                                                          • System Location Discovery: System Language Discovery
                                                                                                                          PID:2316
                                                                                                                        • C:\Windows\System32\svchost.exe
                                                                                                                          C:\Windows\System32\svchost.exe -k UnistackSvcGroup
                                                                                                                          1⤵
                                                                                                                          • Suspicious use of AdjustPrivilegeToken
                                                                                                                          PID:3332
                                                                                                                        • C:\Windows\System32\rundll32.exe
                                                                                                                          C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                                                                                          1⤵
                                                                                                                            PID:3384
                                                                                                                          • C:\Windows\system32\NOTEPAD.EXE
                                                                                                                            "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Temp1_The-MALWARE-Repo-master.zip\The-MALWARE-Repo-master\Spyware\The Worst Of All!!!!!!\BonziBUDDY!!!!!!.txt
                                                                                                                            1⤵
                                                                                                                              PID:1568
                                                                                                                            • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\AgentTesla.exe
                                                                                                                              "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\AgentTesla.exe"
                                                                                                                              1⤵
                                                                                                                              • System Location Discovery: System Language Discovery
                                                                                                                              • Suspicious use of SetWindowsHookEx
                                                                                                                              PID:3464
                                                                                                                            • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\butterflyondesktop.exe
                                                                                                                              "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\butterflyondesktop.exe"
                                                                                                                              1⤵
                                                                                                                              • System Location Discovery: System Language Discovery
                                                                                                                              PID:5056
                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\is-KQOKI.tmp\butterflyondesktop.tmp
                                                                                                                                "C:\Users\Admin\AppData\Local\Temp\is-KQOKI.tmp\butterflyondesktop.tmp" /SL5="$D047E,2719719,54272,C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\butterflyondesktop.exe"
                                                                                                                                2⤵
                                                                                                                                • Executes dropped EXE
                                                                                                                                • Adds Run key to start application
                                                                                                                                • System Location Discovery: System Language Discovery
                                                                                                                                PID:1108
                                                                                                                                • C:\Program Files (x86)\Butterfly on Desktop\ButterflyOnDesktop.exe
                                                                                                                                  "C:\Program Files (x86)\Butterfly on Desktop\ButterflyOnDesktop.exe"
                                                                                                                                  3⤵
                                                                                                                                  • Chimera
                                                                                                                                  • Executes dropped EXE
                                                                                                                                  • Adds Run key to start application
                                                                                                                                  • Drops desktop.ini file(s)
                                                                                                                                  • Drops file in Program Files directory
                                                                                                                                  • System Location Discovery: System Language Discovery
                                                                                                                                  • Suspicious use of SendNotifyMessage
                                                                                                                                  PID:4672
                                                                                                                                  • C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                                    "C:\Program Files\Internet Explorer\iexplore.exe" -k "C:\Users\Admin\Music\YOUR_FILES_ARE_ENCRYPTED.HTML"
                                                                                                                                    4⤵
                                                                                                                                    • Modifies Internet Explorer settings
                                                                                                                                    PID:4072
                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" -- "file:///C:/Users/Admin/Music/YOUR_FILES_ARE_ENCRYPTED.HTML"
                                                                                                                                      5⤵
                                                                                                                                        PID:4876
                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --edge-skip-compat-layer-relaunch -- file:///C:/Users/Admin/Music/YOUR_FILES_ARE_ENCRYPTED.HTML
                                                                                                                                          6⤵
                                                                                                                                            PID:4356
                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://freedesktopsoft.com/butterflyondesktoplike.html
                                                                                                                                      3⤵
                                                                                                                                        PID:1188
                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --edge-skip-compat-layer-relaunch --single-argument http://freedesktopsoft.com/butterflyondesktoplike.html
                                                                                                                                          4⤵
                                                                                                                                            PID:5128
                                                                                                                                    • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\HawkEye.exe
                                                                                                                                      "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\HawkEye.exe"
                                                                                                                                      1⤵
                                                                                                                                      • System Location Discovery: System Language Discovery
                                                                                                                                      • Suspicious use of AdjustPrivilegeToken
                                                                                                                                      PID:5588
                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
                                                                                                                                      1⤵
                                                                                                                                        PID:460
                                                                                                                                      • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\rickroll.exe
                                                                                                                                        "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\rickroll.exe"
                                                                                                                                        1⤵
                                                                                                                                          PID:2468
                                                                                                                                        • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\rickroll.exe
                                                                                                                                          "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\rickroll.exe"
                                                                                                                                          1⤵
                                                                                                                                            PID:3960
                                                                                                                                          • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\rickroll.exe
                                                                                                                                            "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\rickroll.exe"
                                                                                                                                            1⤵
                                                                                                                                              PID:6052
                                                                                                                                            • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\CookieClickerHack.exe
                                                                                                                                              "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\CookieClickerHack.exe"
                                                                                                                                              1⤵
                                                                                                                                                PID:5264
                                                                                                                                              • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\WindowsUpdate.exe
                                                                                                                                                "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\WindowsUpdate.exe"
                                                                                                                                                1⤵
                                                                                                                                                • System Location Discovery: System Language Discovery
                                                                                                                                                • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                • Suspicious use of SendNotifyMessage
                                                                                                                                                PID:4568
                                                                                                                                              • C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
                                                                                                                                                "C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
                                                                                                                                                1⤵
                                                                                                                                                • Modifies registry class
                                                                                                                                                • Suspicious use of SetWindowsHookEx
                                                                                                                                                PID:3392
                                                                                                                                              • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\Hydra.exe
                                                                                                                                                "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\Hydra.exe"
                                                                                                                                                1⤵
                                                                                                                                                • System Location Discovery: System Language Discovery
                                                                                                                                                PID:5588
                                                                                                                                              • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\Launcher.exe
                                                                                                                                                "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\Launcher.exe"
                                                                                                                                                1⤵
                                                                                                                                                • System Location Discovery: System Language Discovery
                                                                                                                                                PID:856
                                                                                                                                              • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\Melting.exe
                                                                                                                                                "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\Melting.exe"
                                                                                                                                                1⤵
                                                                                                                                                  PID:2936

                                                                                                                                                Network

                                                                                                                                                MITRE ATT&CK Enterprise v15

                                                                                                                                                Replay Monitor

                                                                                                                                                Loading Replay Monitor...

                                                                                                                                                Downloads

                                                                                                                                                • C:\Program Files (x86)\Briano\UWPHook\MaterialDesignThemes.Wpf.xml
                                                                                                                                                  Filesize

                                                                                                                                                  91KB

                                                                                                                                                  MD5

                                                                                                                                                  78f71f2a22648ec80fc091b7682ea2f9

                                                                                                                                                  SHA1

                                                                                                                                                  e85222233e468a47e5836e23d52a11f509aade73

                                                                                                                                                  SHA256

                                                                                                                                                  ef9c71fc8d5efe03a8b510f1c0b016034d80588dcfa280b0661c69915c6bc8ae

                                                                                                                                                  SHA512

                                                                                                                                                  f4dcdd0a8226649ced1bfc79bbd092b9c0a93c434d7a66f088994e29f365ecf736815351c4bf530e28e8666d04ff8bc578fde52ee08fd3846e03013676a9e8d8

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Program Files (x86)\Briano\UWPHook\System.Management.Automation.xml
                                                                                                                                                  Filesize

                                                                                                                                                  6.8MB

                                                                                                                                                  MD5

                                                                                                                                                  5af2ee0cccd46ba414eab20c1068e822

                                                                                                                                                  SHA1

                                                                                                                                                  2ff0404eae337d280ac74a86b34588b112a0609c

                                                                                                                                                  SHA256

                                                                                                                                                  e480c58ef6a3e565cf0bce56e3886395bd1e496342a82f66cf59ae39b18e815d

                                                                                                                                                  SHA512

                                                                                                                                                  437acae10956c1e8b56509e855b0b4ab5c6cc556aa524bb40307a97d7462f359ac1f8b6e73dee5482da9a8c2156aa0a26c3601100d8ed3a898852d84434a55b4

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Program Files (x86)\Briano\UWPHook\UWPHook.exe.config
                                                                                                                                                  Filesize

                                                                                                                                                  2KB

                                                                                                                                                  MD5

                                                                                                                                                  5980a99acbe791de7b83b29dfff696db

                                                                                                                                                  SHA1

                                                                                                                                                  61515806b3fe978920b95d24b2a718b71b3d9ff7

                                                                                                                                                  SHA256

                                                                                                                                                  6b2ced5496a5ec11b06b0d0c040b81e028d66429f4848a31ed9b2eeb8f74c51f

                                                                                                                                                  SHA512

                                                                                                                                                  d5b5befa32fa12dfabbfa2bc3c23d6f8f49c9fbbd122da72f8c707b48bac2e6fe65b9ea639163d7edddf1cb18a6ff0697ad5bc92e3ddd1f416ba85594a9bd467

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Program Files (x86)\Butterfly on Desktop\ButterflyOnDesktop.exe
                                                                                                                                                  Filesize

                                                                                                                                                  3.0MB

                                                                                                                                                  MD5

                                                                                                                                                  81aab57e0ef37ddff02d0106ced6b91e

                                                                                                                                                  SHA1

                                                                                                                                                  6e3895b350ef1545902bd23e7162dfce4c64e029

                                                                                                                                                  SHA256

                                                                                                                                                  a70f9e100dddb177f68ee7339b327a20cd9289fae09dcdce3dbcbc3e86756287

                                                                                                                                                  SHA512

                                                                                                                                                  a651d0a526d31036a302f7ef1ee2273bb7c29b5206c9b17339baa149dd13958ca63db827d09b4e12202e44d79aac2e864522aca1228118ba3dcd259fe1fcf717

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Program Files (x86)\Butterfly on Desktop\license.txt
                                                                                                                                                  Filesize

                                                                                                                                                  2KB

                                                                                                                                                  MD5

                                                                                                                                                  1048f0c7b89361fb17b7dca4dbbc4a16

                                                                                                                                                  SHA1

                                                                                                                                                  110406932cf670e1e4cf0ece0bd357b11491fc4b

                                                                                                                                                  SHA256

                                                                                                                                                  b880c77bc81ee3698caba0272deccb7fd3df659285ded191a66cc53023ab9f7f

                                                                                                                                                  SHA512

                                                                                                                                                  89b01342f49c2440de582c16c8a52fc2ec3c9652bf9bf754d44d28d5ce3e95d60422c159ca9ca9d6e329fc7171c6ae15b2c85c1ea57dda61c07aa82765690930

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Program Files (x86)\Butterfly on Desktop\unins000.dat
                                                                                                                                                  Filesize

                                                                                                                                                  4KB

                                                                                                                                                  MD5

                                                                                                                                                  6b2fe45dcafa16d9d1008eb68bdda03e

                                                                                                                                                  SHA1

                                                                                                                                                  5aa2348051f40193b204005492667c35afd1bed3

                                                                                                                                                  SHA256

                                                                                                                                                  eba294267fd9cb611dbdc0f1abbdd07e3dde71af05169ac4861a915c033a3999

                                                                                                                                                  SHA512

                                                                                                                                                  771610a8d84c82684bdad2150f143820624b92d91267163e2915720ed87dcebbe204e391a82f3f708aa7c4476e9cb75b1aca6141bdb8b173af96757e898d4636

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Program Files\Java\jdk-1.8\jre\lib\YOUR_FILES_ARE_ENCRYPTED.HTML
                                                                                                                                                  Filesize

                                                                                                                                                  4KB

                                                                                                                                                  MD5

                                                                                                                                                  9e2b66afbadfe5ffa22d148ceef72ee2

                                                                                                                                                  SHA1

                                                                                                                                                  f65e56a9e7b2bf8c0e68f0ce45ea50a9387f92ee

                                                                                                                                                  SHA256

                                                                                                                                                  b41614a393abd02fad96312fdfa4f612ed673cd64c6cfdc5bcff0efe7080c0e1

                                                                                                                                                  SHA512

                                                                                                                                                  eb7b70d0b823412a6a5629d2f3ea99702184c84ac46a17e4023bc869db80132344881db0ea4b11b33816d349946c7dbb1cabc491cecb620a7be61edcb1527a03

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                  Filesize

                                                                                                                                                  280B

                                                                                                                                                  MD5

                                                                                                                                                  c62e84b316f54b133672087944bed624

                                                                                                                                                  SHA1

                                                                                                                                                  209599f8942e2c759b816ed2d4e7084cb442656f

                                                                                                                                                  SHA256

                                                                                                                                                  2a502845efd2d6f4174d0fbbb35e930ede85821d24eddaad1d44520e980e746d

                                                                                                                                                  SHA512

                                                                                                                                                  f6e8a2da4fdaf3ef06e7030535198f96dd11250b6d3b4585c4ff51c727f098402029d7a9008227d38ceea8dc92ab0887fd1eb5e17a1c1f3e4059198caa98cd1c

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                  Filesize

                                                                                                                                                  280B

                                                                                                                                                  MD5

                                                                                                                                                  19a88bad99bffbae6102e191cfedd75b

                                                                                                                                                  SHA1

                                                                                                                                                  df476b325df883b73eda1b2349bab45aa22e808d

                                                                                                                                                  SHA256

                                                                                                                                                  0d576dfbde1712b7288e4561e3eea75ffdad84dc50a77ceb57a6e9c37d60465a

                                                                                                                                                  SHA512

                                                                                                                                                  9ec5eb487d8c8fc8e283a94bd43afd740edc4df6a4509d83629416d040586bd42330eb0da6dd41ec1e5550bce9a6643319ff8584f8638a9cde9042fa406825fc

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\6362fbbb-2d99-463d-b674-eee43e5ad9c2.tmp
                                                                                                                                                  Filesize

                                                                                                                                                  107KB

                                                                                                                                                  MD5

                                                                                                                                                  40e2018187b61af5be8caf035fb72882

                                                                                                                                                  SHA1

                                                                                                                                                  72a0b7bcb454b6b727bf90da35879b3e9a70621e

                                                                                                                                                  SHA256

                                                                                                                                                  b3efd9d75856016510dd0bdb5e22359925cee7f2056b3cde6411c55ae8ae8ee5

                                                                                                                                                  SHA512

                                                                                                                                                  a21b8f3f7d646909d6aed605ad5823269f52fda1255aa9bb4d4643e165a7b11935572bf9e0a6a324874f99c20a6f3b6d1e457c7ccd30adcac83c15febc063d12

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000007.log
                                                                                                                                                  Filesize

                                                                                                                                                  21KB

                                                                                                                                                  MD5

                                                                                                                                                  1b85c7a8e4a4f3e0a2a8a82f98a4e7ef

                                                                                                                                                  SHA1

                                                                                                                                                  eee619639f684b5dcf2dadf3c654f3dc7bc29487

                                                                                                                                                  SHA256

                                                                                                                                                  395a55545e51aada449475643207157eda1106adf9f272b5c045c6ef12809821

                                                                                                                                                  SHA512

                                                                                                                                                  667871dcb668fc967d45630b0d981b83fc75e4414c86c2a0b91d7c8683f759bbd93da5a879e348062e866b064153c8457dbb83d8a23444147c92c08080cfcde3

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old
                                                                                                                                                  Filesize

                                                                                                                                                  334B

                                                                                                                                                  MD5

                                                                                                                                                  8cc59408391696f1f7a6e422356d595a

                                                                                                                                                  SHA1

                                                                                                                                                  216bc89eef15414cf0ae024b4ca0cf68c944a152

                                                                                                                                                  SHA256

                                                                                                                                                  492366b4795e8018830e6e8bfc622b1f5f588838da247ce3748070c012f4792d

                                                                                                                                                  SHA512

                                                                                                                                                  28337517efca97789b5d03fe4c66758bb30aaf9aa7ec453484c9156e215ec00ba0aa1a3c000f330c1fcd4c4be5feb9154bb3c6aac622b3e7e7ec5bef2b459576

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                  Filesize

                                                                                                                                                  6KB

                                                                                                                                                  MD5

                                                                                                                                                  6fa51f561e298b0be0ca8230a4ee409d

                                                                                                                                                  SHA1

                                                                                                                                                  68a1171f2f5a940a3286383830e7d5e3619c8699

                                                                                                                                                  SHA256

                                                                                                                                                  e3ae2503071583d21d481a963221718071716053d77d22ede2b956060f9042fb

                                                                                                                                                  SHA512

                                                                                                                                                  5d8024cf26a2236ddc9e9e76c372969dbbb16942af15e2c6d963d2dcf93b1bede029dbf6e7caa70daa4ab7468edbb9265abfd8768dc2c683c4035b9728d8ea18

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                  Filesize

                                                                                                                                                  7KB

                                                                                                                                                  MD5

                                                                                                                                                  7ec90e45ec505674d564ce043ddc26db

                                                                                                                                                  SHA1

                                                                                                                                                  dcf1ce8d153cb77f4b6404b7ad0394da76dd0d07

                                                                                                                                                  SHA256

                                                                                                                                                  a98d41013d97f46bd90c2aeca03bd4794d67d1281045b5603763a79647d18dda

                                                                                                                                                  SHA512

                                                                                                                                                  065ba23460bca285a7ff6782ab6d6aaa3a4a1b80c8599d35bc1cd9e0532a94fc9e36996e1d973be551068770d32a2b1411e403ccfc31aed8b2e03447020ec019

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe57f82b.TMP
                                                                                                                                                  Filesize

                                                                                                                                                  3KB

                                                                                                                                                  MD5

                                                                                                                                                  ca33c8c80006fec55fdbbc056db6a7ea

                                                                                                                                                  SHA1

                                                                                                                                                  e9e5a98a043530a44cec1867baba15423c4d8900

                                                                                                                                                  SHA256

                                                                                                                                                  e0d9fce17da7fa86c91dc268edf494fedbed3285937c1c3f7aa3d157a4e11351

                                                                                                                                                  SHA512

                                                                                                                                                  95c990236c628ce50a7402ee11078e5e04e9ac91a3b2eb755d86a0a420d56003cc970d0b2de8d9f4f2bff2c331e11c3da582d6e0f0bee0d0896ee62d9342cec1

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DawnGraphiteCache\data_1
                                                                                                                                                  Filesize

                                                                                                                                                  264KB

                                                                                                                                                  MD5

                                                                                                                                                  fb0c995595aff68129ed409eb206b944

                                                                                                                                                  SHA1

                                                                                                                                                  226e503412d676550ff75cbd03f7408e9e59a3d0

                                                                                                                                                  SHA256

                                                                                                                                                  f0e49f4bb640f1e273686a8f344e7135fab632021cfdddd5e003c9b692047c1e

                                                                                                                                                  SHA512

                                                                                                                                                  de3ed58b1bab4f85b23520ef2c48600c401aec2a11176d756a2a0169fd57fd37e319df4e8ea1ecee2881406c8d20caf0c6a0bbe9547eddddf0df611dda410c75

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json
                                                                                                                                                  Filesize

                                                                                                                                                  2B

                                                                                                                                                  MD5

                                                                                                                                                  99914b932bd37a50b983c5e7c90ae93b

                                                                                                                                                  SHA1

                                                                                                                                                  bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

                                                                                                                                                  SHA256

                                                                                                                                                  44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

                                                                                                                                                  SHA512

                                                                                                                                                  27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
                                                                                                                                                  Filesize

                                                                                                                                                  6KB

                                                                                                                                                  MD5

                                                                                                                                                  8593fecbdcfc5323bd51a6766b4ce732

                                                                                                                                                  SHA1

                                                                                                                                                  4d3add35b5ddef17aa430e482c437ebb785a7ae9

                                                                                                                                                  SHA256

                                                                                                                                                  f6104792db0c56b14ae569432090faf7cfd7aede133c87ea0135079a9b61e785

                                                                                                                                                  SHA512

                                                                                                                                                  53cd15bc1b07af43a86261042e19acee009d019a44e628b3515bade03f627322cd8aa888a9890e93d7330cc603852f2fa1e9fc03472250290116ce90a2cd2991

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
                                                                                                                                                  Filesize

                                                                                                                                                  6KB

                                                                                                                                                  MD5

                                                                                                                                                  3976ba4c464f14b806d7fb31d5f96c33

                                                                                                                                                  SHA1

                                                                                                                                                  9fe4c6afaee44600814e19afc769e223c3e6dc32

                                                                                                                                                  SHA256

                                                                                                                                                  0e95b91c3d7ad301ef44ab9681550c9796db98cab144f73579d2d2a39a184703

                                                                                                                                                  SHA512

                                                                                                                                                  31afd164e0f5b2985fbd961ce0b2599df8d142c702029707480c1b1737d1770b725bc71e9ed60d8d6e4eccf5a92ed5c6e841ca9b041ecfabab068087213648d9

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
                                                                                                                                                  Filesize

                                                                                                                                                  5KB

                                                                                                                                                  MD5

                                                                                                                                                  4e8edaf2d78708e9d8a52557ece53347

                                                                                                                                                  SHA1

                                                                                                                                                  9fb812970f539e3b9629d5141e7ce48b995504ad

                                                                                                                                                  SHA256

                                                                                                                                                  8fac41ee4700d8a23408d52f8425605f9ac6e760fc9dc3c958fbb4e1f4f671a8

                                                                                                                                                  SHA512

                                                                                                                                                  4431b256fe8f9c934f6ca665599811b175accdf681a1b233872d9e46ba5f8a190e960bbd06687b8e15854965e20c80719ce874fcb3eee8980262bf1d093d0c0c

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
                                                                                                                                                  Filesize

                                                                                                                                                  3KB

                                                                                                                                                  MD5

                                                                                                                                                  88fbe3a0bf4780acd646ea7eca543897

                                                                                                                                                  SHA1

                                                                                                                                                  940b5df2d8bdce2380204303110308e12f596363

                                                                                                                                                  SHA256

                                                                                                                                                  68e4f0cb4771c519027066d06f1204afb820ee66beb5ab7bb3442d6c4071a576

                                                                                                                                                  SHA512

                                                                                                                                                  d15da3629e048374aa0e54b47ff065b33c112d4982239b52bf691a8cc5efb0892cb9600a3e688e3d79903deed16e54ac14f2ad33d1f3be520c084ae7c9a33d19

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
                                                                                                                                                  Filesize

                                                                                                                                                  3KB

                                                                                                                                                  MD5

                                                                                                                                                  72baff6f6c2827b18458cb23e17cc46f

                                                                                                                                                  SHA1

                                                                                                                                                  6c090abe467ffce303ce7558b697d4ecfd329075

                                                                                                                                                  SHA256

                                                                                                                                                  940eaff66b44b2df0b96185a86ffe18de714fd07b88897615173475b05c8fe54

                                                                                                                                                  SHA512

                                                                                                                                                  bff17ac844252e34f5edfcd4c2a0e015a9431c44bdcb63a3bbdd8f9bb509ea5796625b840dfd09777468c5a5ae8a4dcb4e198e90d0640f2e4de50eb767a14a50

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
                                                                                                                                                  Filesize

                                                                                                                                                  3KB

                                                                                                                                                  MD5

                                                                                                                                                  84dc10d7795600598023c15edbdddb61

                                                                                                                                                  SHA1

                                                                                                                                                  e3c4f48a6ec3f28577088820a91668d726faffdd

                                                                                                                                                  SHA256

                                                                                                                                                  787613935437545c7a824f10272abb147cec9c35a6a954e3ad447e70f05c07b7

                                                                                                                                                  SHA512

                                                                                                                                                  b9c4e599f5f3a64637934dedacf27dcb08c008ea2adbdf33d21b06409337772e2736ee412ae2ba6c0d8d83e064ff41d3312f5ae6dde6b5d407f07dedb78239ca

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports
                                                                                                                                                  Filesize

                                                                                                                                                  2B

                                                                                                                                                  MD5

                                                                                                                                                  d751713988987e9331980363e24189ce

                                                                                                                                                  SHA1

                                                                                                                                                  97d170e1550eee4afc0af065b78cda302a97674c

                                                                                                                                                  SHA256

                                                                                                                                                  4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                                                                                                                                  SHA512

                                                                                                                                                  b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
                                                                                                                                                  Filesize

                                                                                                                                                  211B

                                                                                                                                                  MD5

                                                                                                                                                  fcbb2d9d405bb6b5429ac3dc3dcb4110

                                                                                                                                                  SHA1

                                                                                                                                                  4defe6b3172e051c85987602c88f994da6b57309

                                                                                                                                                  SHA256

                                                                                                                                                  e2affadfa184e9415465ace78593ef5bd5c2987410189536c190ec6794a0e53b

                                                                                                                                                  SHA512

                                                                                                                                                  beaf308e4cab6e3a96e16c42faf40805d1d47e3f251e7af23b00f87e39ac966b1ef4cdf105672895667706c2920cc48925ddaf2d8714911d50d928f986231264

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
                                                                                                                                                  Filesize

                                                                                                                                                  40B

                                                                                                                                                  MD5

                                                                                                                                                  20d4b8fa017a12a108c87f540836e250

                                                                                                                                                  SHA1

                                                                                                                                                  1ac617fac131262b6d3ce1f52f5907e31d5f6f00

                                                                                                                                                  SHA256

                                                                                                                                                  6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

                                                                                                                                                  SHA512

                                                                                                                                                  507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                  Filesize

                                                                                                                                                  17KB

                                                                                                                                                  MD5

                                                                                                                                                  897e593e472729f90762d365bc981330

                                                                                                                                                  SHA1

                                                                                                                                                  3621c3eec3280e5cf1f93db80adeeb56e8637685

                                                                                                                                                  SHA256

                                                                                                                                                  40e67a978be35b0375af07cba3b57cd62c079bbc553218567c0c13e47ceeb0d4

                                                                                                                                                  SHA512

                                                                                                                                                  96e211bce41d55a7203b991bfab7358161f60f1b0968b790206f0c9b590e7958a34bae1c949a356dddfc8819367befe6040d50b0fa25215021267fc057ea9f9c

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                  Filesize

                                                                                                                                                  16KB

                                                                                                                                                  MD5

                                                                                                                                                  4bb180be865529c066ea8ecec0ffd10a

                                                                                                                                                  SHA1

                                                                                                                                                  38d939accaa7cce6ee6b58bb1ba41c49e9f8679b

                                                                                                                                                  SHA256

                                                                                                                                                  bcf30e933fb99d6c7b79120c4a3c715b4ae58df588498e99ff2967ab3eb02eb7

                                                                                                                                                  SHA512

                                                                                                                                                  3f0f094574000e0a56e749cb1075958c65f2ad0e98f788fc17824297d5d2e09810c1abc39dcd30fbeda991db812425268d06f4654a175c9340926dd4cd23b81f

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                  Filesize

                                                                                                                                                  17KB

                                                                                                                                                  MD5

                                                                                                                                                  b05aa1cfbbc21be62dac2510f96c2998

                                                                                                                                                  SHA1

                                                                                                                                                  c64e8c85c1fb877f2d937511dcdcae813f6c9496

                                                                                                                                                  SHA256

                                                                                                                                                  b0f34c8bb9729d6fecf79d0407bf0a2f142b4ca5dde32ca8f0a621bba97684af

                                                                                                                                                  SHA512

                                                                                                                                                  96b195400a53d9067ffb0f251d878b9d295470e4142269990992f986d5cf90865dd2c9ad1763bb024367ff981983d203259ff3c5f7daa2142c05d6ba8afd5c3e

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                  Filesize

                                                                                                                                                  20KB

                                                                                                                                                  MD5

                                                                                                                                                  dd49d3ef44657177cbabd58327e3f788

                                                                                                                                                  SHA1

                                                                                                                                                  96ffab8fbaf7b1bd1b486c5a3dcc8f1b2410754c

                                                                                                                                                  SHA256

                                                                                                                                                  93df9417a30cc112a418fceafd0852cd79a10251c687da8559fbd0052723d0e0

                                                                                                                                                  SHA512

                                                                                                                                                  acafec7cc4f61e6ef38fba166e705b62aed01121d10e9a84b5852aa9e3496fb105d27aaa6bdaf63785e7bd1d1fa38694c366fe263f2c0a92728aee826cd8f60d

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                  Filesize

                                                                                                                                                  19KB

                                                                                                                                                  MD5

                                                                                                                                                  562fa33020650f1691dddb7cf832cdd0

                                                                                                                                                  SHA1

                                                                                                                                                  442b6f0f7deacf5987f8b536ae83fe7e0f8d057e

                                                                                                                                                  SHA256

                                                                                                                                                  91e1f5d7f3f0cd7d189c327a2f3831a8b6d28637caa0d2b50ceaa5f43db25954

                                                                                                                                                  SHA512

                                                                                                                                                  4af23837e25008631b3e4b76bbe673acd3b246fb3b2730f187428f137ff7cec749368d22d5ac0b9fc257562c1af6cc0e0c55458b33b529e40790f82ca5f7c532

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                  Filesize

                                                                                                                                                  17KB

                                                                                                                                                  MD5

                                                                                                                                                  0fef33e054f45ea68aa3815567c65ffa

                                                                                                                                                  SHA1

                                                                                                                                                  ca4b63ca76166a07417e96809e41dd67c0ea53cf

                                                                                                                                                  SHA256

                                                                                                                                                  8f2b0bcfdfb9dce5c9f083cd6bb92df4ccd150654a0b0b094e081eafe0101f28

                                                                                                                                                  SHA512

                                                                                                                                                  38af38cc8b763b4fc17f91cc454320b4d6fa5b835af454ffdf7a9c55105ff6422a552f1d9990ba1fdc6b1a2a46dcfe0bcda7b70a4a32cd4d7fcfbde5c09b5d0d

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                  Filesize

                                                                                                                                                  15KB

                                                                                                                                                  MD5

                                                                                                                                                  ba75c2ed184658c6ab0d67906a0f52f2

                                                                                                                                                  SHA1

                                                                                                                                                  cd4fb0ef1a9c23c90ae6f633d4eb0284eb9af9a9

                                                                                                                                                  SHA256

                                                                                                                                                  d21711a89ae4636f0afbab4e18b7de955e7dfc2e1403371c3058d0db37abc0c1

                                                                                                                                                  SHA512

                                                                                                                                                  339cf9ce8cbc1ba36756e795df2cef83f9107da130276cce270be115cac13da1f7fc893d3db654b27a9f126791f05b1e08c8326102292c84383d70ca1d0eb383

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                  Filesize

                                                                                                                                                  18KB

                                                                                                                                                  MD5

                                                                                                                                                  8f643bee25a5644608eded33953b3647

                                                                                                                                                  SHA1

                                                                                                                                                  375c8c6df13a4bef09f01651c8c8927034bff1e5

                                                                                                                                                  SHA256

                                                                                                                                                  a7674ae72e2ba59e324f00f9d27e531a4674d4e305051142bdde7b44731b818e

                                                                                                                                                  SHA512

                                                                                                                                                  aef8a9c0c05250db4d2843cd67510bf14d85a707bc97474daa079cdc15069dfa61544798dee44f20c7ec05f0969027ba3079aeb6d86609ba42ef45ab99ef7232

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
                                                                                                                                                  Filesize

                                                                                                                                                  37KB

                                                                                                                                                  MD5

                                                                                                                                                  1ea99528cace2c5ca0a05ab7ae6be743

                                                                                                                                                  SHA1

                                                                                                                                                  3c03b3e7b9a4d35a2c0903f8fa3bc753c46b3cbc

                                                                                                                                                  SHA256

                                                                                                                                                  ab4b3fe77c1965bea30089bb899d1ecd786a4e9e5d0d9251ef834105f32eb037

                                                                                                                                                  SHA512

                                                                                                                                                  23e6e3771c8f2c183e9a109ec37037077b17b972614c6b5e3102e6bce29484e4e6ac4ecb7f6917f370e78b35c9c8e5a5bc32cb585ae4966df44eeb682da9b63c

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\6de81848-5b24-4103-b044-7a04b1ce3981\index-dir\the-real-index
                                                                                                                                                  Filesize

                                                                                                                                                  2KB

                                                                                                                                                  MD5

                                                                                                                                                  394399497720ff65f1b5b4e44b39df65

                                                                                                                                                  SHA1

                                                                                                                                                  fb0aea18b8c3050d2906c7a61efdabda53770e69

                                                                                                                                                  SHA256

                                                                                                                                                  b276e183e4d60e5b14250d771b5dd19df0cdfd386eb563600c57082d545798cf

                                                                                                                                                  SHA512

                                                                                                                                                  9435ed7f8fa3dca59c065527ddc56b44684d4e985d074dbf317f3aaa45e8da6bca2ecfa13eeaaa9a74ff6402880c681055db42a008c7e404bee11ae109f23b97

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\6de81848-5b24-4103-b044-7a04b1ce3981\index-dir\the-real-index~RFe5c1eea.TMP
                                                                                                                                                  Filesize

                                                                                                                                                  2KB

                                                                                                                                                  MD5

                                                                                                                                                  885035eda2d505c8b641b81d13312b55

                                                                                                                                                  SHA1

                                                                                                                                                  dee12740f68cfad9727d7e41da6b53a259abc2b4

                                                                                                                                                  SHA256

                                                                                                                                                  1deed47f891ac959b44d347db8a48e8c6d5e9c80d9fcc7cedd4ebc2c0480060e

                                                                                                                                                  SHA512

                                                                                                                                                  5483752af5d3dfc081de54cd513d28507d25bbab4b9b50952b3479df9bfd3b095ac788d8f33f90182530e9acdb40732bb142adceeddbc517eb723c21ce70ff42

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt
                                                                                                                                                  Filesize

                                                                                                                                                  253B

                                                                                                                                                  MD5

                                                                                                                                                  3e2e834e3ea7bd82f9b2c43ff229f703

                                                                                                                                                  SHA1

                                                                                                                                                  36c22dc5ac31a51da939f486dd51e7e62140ecf9

                                                                                                                                                  SHA256

                                                                                                                                                  56e9d8e79c61ffdd78c872c14d571a91d20c4fffcb984696306190e6283d4b53

                                                                                                                                                  SHA512

                                                                                                                                                  38e9a217d3a0e3e53b8a4973540b751680eb1bba0c0763630f73b8f164d8fbb8bbeec15d20d151f15ca2f1246ce476eeb0dbe3fa88e04d8461033cc9b6628bcc

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log
                                                                                                                                                  Filesize

                                                                                                                                                  22KB

                                                                                                                                                  MD5

                                                                                                                                                  ba2c50e45a8632abed2ddde5b1b1e530

                                                                                                                                                  SHA1

                                                                                                                                                  26d39c039c149204478beccc355dc34827d3069b

                                                                                                                                                  SHA256

                                                                                                                                                  ce55af6177fd345c2b8ef898389d4be2476b057119946ae50dce5fa09c2f5b63

                                                                                                                                                  SHA512

                                                                                                                                                  c4e54fe102ce7ef99d5da5100df620f0498359361a3ccf00fbcfad67df4ecf70aa2fd7d611ac104ddfcbbe3122a84294d9bec204f207db2d173a5328e8cb07e3

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
                                                                                                                                                  Filesize

                                                                                                                                                  462B

                                                                                                                                                  MD5

                                                                                                                                                  2414561370688fe78b9a2c501c6a2a5f

                                                                                                                                                  SHA1

                                                                                                                                                  7ddf1509afd9b88c2d29e201e36858f7d215e1ce

                                                                                                                                                  SHA256

                                                                                                                                                  1891c2522ae785d00515cdc128ff466ee80c1ef6c9749fc31877dc7f9a930f10

                                                                                                                                                  SHA512

                                                                                                                                                  dcb5a8350c0358103e447fe19866f5d1d495fae2ddd9ccbafbd0bdf9118d7eddc069fe8e6e9ec6ac0918f6ee9094484e65036053d9ebe3f3f800b33424bfbd47

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
                                                                                                                                                  Filesize

                                                                                                                                                  462B

                                                                                                                                                  MD5

                                                                                                                                                  53f6cc2edcedcdf76ce62d3602af9251

                                                                                                                                                  SHA1

                                                                                                                                                  39bb4d07ed7476dfeddd970b8fba1cd6345136b9

                                                                                                                                                  SHA256

                                                                                                                                                  fa5e947ed989fe96c5e767cfd8c540a3984829716516658f676f9c050fb72e1d

                                                                                                                                                  SHA512

                                                                                                                                                  5b22d3cec7f20a96bde2cb6abbcb37c6c1055a5ee3a2dbbba34902b6007da1bbbbd18737fabad2056f356d299296b47fc398bc7944c47776dba4e7a799420cda

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\128.18340.18330.1\json\wallet\wallet-checkout-eligible-sites.json
                                                                                                                                                  Filesize

                                                                                                                                                  23KB

                                                                                                                                                  MD5

                                                                                                                                                  16d41ebc643fd34addf3704a3be1acdd

                                                                                                                                                  SHA1

                                                                                                                                                  b7fadc8afa56fbf4026b8c176112632c63be58a0

                                                                                                                                                  SHA256

                                                                                                                                                  b962497993e2cd24039474bc84be430f8f6e6ab0f52010e90351dc3ff259336c

                                                                                                                                                  SHA512

                                                                                                                                                  8d58aa30613a2376ccc729278d166a9b3ec87eca95544b9dec1ee9300e7dd987326ea42d05dca3f1cc08186685f2fdaf53c24fd2b756c1ed9f2b46436689dc74

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\128.18340.18330.1\json\wallet\wallet-notification-config.json
                                                                                                                                                  Filesize

                                                                                                                                                  804B

                                                                                                                                                  MD5

                                                                                                                                                  4cdefd9eb040c2755db20aa8ea5ee8f7

                                                                                                                                                  SHA1

                                                                                                                                                  f649fcd1c12c26fb90906c4c2ec0a9127af275f4

                                                                                                                                                  SHA256

                                                                                                                                                  bb26ce6fe9416918e9f92fcc4a6fe8a641eceea54985356637991cf6d768f9fd

                                                                                                                                                  SHA512

                                                                                                                                                  7e23b91eab88c472eec664f7254c5513fc5de78e2e0151b0bcc86c3cd0bf2cb5d8bb0345d27afdd9f8fcb10be96feaa753f09e301fa92b8d76f4300600577209

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\128.18340.18330.1\json\wallet\wallet-stable.json
                                                                                                                                                  Filesize

                                                                                                                                                  81KB

                                                                                                                                                  MD5

                                                                                                                                                  2e7d07dadfdac9adcabe5600fe21e3be

                                                                                                                                                  SHA1

                                                                                                                                                  d4601f65c6aa995132f4fce7b3854add5e7996a7

                                                                                                                                                  SHA256

                                                                                                                                                  56090563e8867339f38c025eafb152ffe40b9cfa53f2560c6f8d455511a2346a

                                                                                                                                                  SHA512

                                                                                                                                                  5cd1c818253e75cc02fccec46aeb34aeff95ea202aa48d4de527f4558c00e69e4cfd74d5cacfcf1bcd705fe6ff5287a74612ee69b5cc75f9428acfbdb4010593

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\128.18340.18330.1\json\wallet\wallet-tokenization-config.json
                                                                                                                                                  Filesize

                                                                                                                                                  34KB

                                                                                                                                                  MD5

                                                                                                                                                  ae3bd0f89f8a8cdeb1ea6eea1636cbdd

                                                                                                                                                  SHA1

                                                                                                                                                  1801bc211e260ba8f8099727ea820ecf636c684a

                                                                                                                                                  SHA256

                                                                                                                                                  0088d5ebd8360ad66bd7bcc80b9754939775d4118cb7605fc1f514c707f0e20d

                                                                                                                                                  SHA512

                                                                                                                                                  69aff97091813d9d400bb332426c36e6b133a4b571b521e8fb6ad1a2b8124a3c5da8f3a9c52b8840152cf7adbd2ac653102aa2210632aa64b129cf7704d5b4fa

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                  Filesize

                                                                                                                                                  55KB

                                                                                                                                                  MD5

                                                                                                                                                  3f186a085c0f95e222c35fbfc14439cb

                                                                                                                                                  SHA1

                                                                                                                                                  35fa7f80c0775f11f4ce9fd5b79ebd1a5be50f88

                                                                                                                                                  SHA256

                                                                                                                                                  56bdad5e43eb5207cf50432a4b18a604d33a849b9b7d8e5c27b75ff995ae0144

                                                                                                                                                  SHA512

                                                                                                                                                  896e470085f942754a6694507bd067f9ab4ab5b94b195e786a9edb9cfdbcb8b5754be7d6e240fde16352352dcd3a2591bf15cb67e5bf7056143ef33bef7b9676

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                  Filesize

                                                                                                                                                  54KB

                                                                                                                                                  MD5

                                                                                                                                                  5b2defb96484ec398685b7b09bf4ce66

                                                                                                                                                  SHA1

                                                                                                                                                  6f2fa02cb1a147cf535f062a0856083e1cde2b46

                                                                                                                                                  SHA256

                                                                                                                                                  d276ab5a87cbe36e26e7ea301656332aefb2aa54b82fc78123e24f637a3a8c79

                                                                                                                                                  SHA512

                                                                                                                                                  b0a493fe77ddd2ca50634b785c4894028c25a99c194923239df95119b444194295c81481364aa9463bd577d624839a9b694d3e187e889e7385bf5b5cc43fd559

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                  Filesize

                                                                                                                                                  55KB

                                                                                                                                                  MD5

                                                                                                                                                  d979bcffeb36570af8e1459dbd79ea85

                                                                                                                                                  SHA1

                                                                                                                                                  651c9702b661e4c3011cfc2381c1220f45adbc05

                                                                                                                                                  SHA256

                                                                                                                                                  45ee87ab2d31aac9a2ff77c71f01a2bdb0da7da6789d337e5974ee5234df39d9

                                                                                                                                                  SHA512

                                                                                                                                                  a2adb6d0c4d0310bd489707a40f2a22e03a5d4fea6246767fd0367ff3d9e3b9c0a02602e60d5ce4d975673f2fab057a39b3a3eedfcff08a2714960d4d1e7f163

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                  Filesize

                                                                                                                                                  55KB

                                                                                                                                                  MD5

                                                                                                                                                  917cf9cd880e21878dcdf0668611f158

                                                                                                                                                  SHA1

                                                                                                                                                  18d3a4f78ff204132b5e20ef4efa242ded722919

                                                                                                                                                  SHA256

                                                                                                                                                  04621d0752f27db74c4c61dd88ada0d6d376fbe38da99af33d767d026d4dcc68

                                                                                                                                                  SHA512

                                                                                                                                                  8045c4763f175cdcb2ca55c9d83377362988c223cf4ea027e0b6ed03ded8a1b5aa2e8f8f811f79231c5f7e3b420dcd986fd806cfc0f93b0b7066aa81711de574

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                  Filesize

                                                                                                                                                  40KB

                                                                                                                                                  MD5

                                                                                                                                                  10a7368b86146de88a4abfae64ffe93a

                                                                                                                                                  SHA1

                                                                                                                                                  e6dfb0d0548a56f83808561f15d7e18d81b6257d

                                                                                                                                                  SHA256

                                                                                                                                                  8f86b278b5e28c381f2803f1f93896e543eae3dfed29b7506937fbfaf2a31c1b

                                                                                                                                                  SHA512

                                                                                                                                                  83b2a894472d4245dfc15716a05d5ee070c980634ff3b827b5fab7b5de7126b8c95ac1bd8365c7e50cff09895e0aaa3e6f8824a6e193179d017f4d789762b2ea

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                  Filesize

                                                                                                                                                  54KB

                                                                                                                                                  MD5

                                                                                                                                                  45868c3e1ceb79ab1fe9bf41a5c00693

                                                                                                                                                  SHA1

                                                                                                                                                  127ce81a640c978f4b4d8ab59946aee8e6aac85a

                                                                                                                                                  SHA256

                                                                                                                                                  6a616b73303cca22e79189b899c61a94bc8c81c507e6d2ad836d32dddca7a507

                                                                                                                                                  SHA512

                                                                                                                                                  0ab7b43c41e63d9f902901bbb133c63ee6d6d5ac66f06d4e106b642919d1a00d6926a87481c01ee38af75e9e4762cb22e7536247d4236a980d16f48ab146d344

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                  Filesize

                                                                                                                                                  49KB

                                                                                                                                                  MD5

                                                                                                                                                  038508cf1bac6f0e08ae767a501d9256

                                                                                                                                                  SHA1

                                                                                                                                                  4f4a42a8071103e3203c5be4c84bc2f5e74d55e9

                                                                                                                                                  SHA256

                                                                                                                                                  721cf94721f9fab28672a60d7d325602b228652fee5aec13addf783800491bc4

                                                                                                                                                  SHA512

                                                                                                                                                  676b7593867031d70304f16ddae37c18d6c344e01ec64513caf0a9cbb31845b325a19111d4b5924d06fd87670c5fe0c175202a45f092e1bf32ec1adfb01b1758

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                  Filesize

                                                                                                                                                  55KB

                                                                                                                                                  MD5

                                                                                                                                                  008049125520c53de91de4ccf78f4988

                                                                                                                                                  SHA1

                                                                                                                                                  e289ebfdcb13d54820c29ba6fd9f501229f6fa66

                                                                                                                                                  SHA256

                                                                                                                                                  6616abc031dc8791bb6d010e4fabb919416b9a263bcb495eea6600b99fc05d93

                                                                                                                                                  SHA512

                                                                                                                                                  b236e3b727a84424d7c559ecc82ac31d47a7a85df886c77bd33b237777245a019f60d025efdee62c53160797e7ee1e5f53759dc86fa4d77058a5f47b17d47687

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                  Filesize

                                                                                                                                                  49KB

                                                                                                                                                  MD5

                                                                                                                                                  6e57e9bedfa7c382af3af98bb01442d4

                                                                                                                                                  SHA1

                                                                                                                                                  040cfd55a1ced9357bdfda829ebda43f4c37d8dd

                                                                                                                                                  SHA256

                                                                                                                                                  dfaa2a55158933377359d454d286a344bfa58659622d828f330423bbc9e759a0

                                                                                                                                                  SHA512

                                                                                                                                                  44e50c0be37accaa0398d1b4fe5a0eda2303b770b5ae69a88bc1ee3f1ddbd5ffdbb0c4480671d8b1862b1200a4b1b4b5ef6c9aa247ec723fd8d67adf640c90fb

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\PKIMetadata\22.0.0.0\crs.pb
                                                                                                                                                  Filesize

                                                                                                                                                  289KB

                                                                                                                                                  MD5

                                                                                                                                                  2b59269e7efdd95ba14eeb780dfb98c2

                                                                                                                                                  SHA1

                                                                                                                                                  b3f84cbc37a79eeecb8f1f39b615577d78600096

                                                                                                                                                  SHA256

                                                                                                                                                  ff2ced650772249abb57f6f19c5d0322d6df22c85c7cf2be193b6134e1b95172

                                                                                                                                                  SHA512

                                                                                                                                                  e4b454db2248021e0d198805ea54f1c0cfd84b9716a9348b1d0e0acb7c6fb5dd0839e532a5eb6d4410ab759d6688dd6cce8375ad55a150d738d280993142e9d7

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\PKIMetadata\22.0.0.0\ct_config.pb
                                                                                                                                                  Filesize

                                                                                                                                                  8KB

                                                                                                                                                  MD5

                                                                                                                                                  811b65320a82ebd6686fabf4bb1cb81a

                                                                                                                                                  SHA1

                                                                                                                                                  c660d448114043babec5d1c9c2584df6fab7f69b

                                                                                                                                                  SHA256

                                                                                                                                                  52687dd0c06f86a2298a4442ab8afa9b608271ec01a67217d7b58dab7e507bdf

                                                                                                                                                  SHA512

                                                                                                                                                  33350cce447508269b7714d9e551560553e020d6acf37a6a6021dc497d4008ce9e532dd615ad68872d75da22ac2039ef0b4fa70c23ec4b58043c468d5d75fd81

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\PKIMetadata\22.0.0.0\kp_pinslist.pb
                                                                                                                                                  Filesize

                                                                                                                                                  11KB

                                                                                                                                                  MD5

                                                                                                                                                  0779206f78d8b0d540445a10cb51670c

                                                                                                                                                  SHA1

                                                                                                                                                  67f0f916be73bf5cffd3f4c4aa8d122c7d73ad54

                                                                                                                                                  SHA256

                                                                                                                                                  bf0945921058b9e67db61e6a559531af2f9b78d5fbedb0b411384225bdd366ec

                                                                                                                                                  SHA512

                                                                                                                                                  4140b2debe9c0b04e1e59be1387dca0e8e2f3cbc1f67830cbc723864acc2276cde9529295dcb4138fa0e2e116416658753fe46901dfa572bdfe6c7fb67bd8478

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
                                                                                                                                                  Filesize

                                                                                                                                                  392B

                                                                                                                                                  MD5

                                                                                                                                                  117d17b0f1f1d6bcdd5bcf754fd9b81f

                                                                                                                                                  SHA1

                                                                                                                                                  d1082bfff75ecf096de431d353c3e99b3190b8cc

                                                                                                                                                  SHA256

                                                                                                                                                  fe0354be91a25ecfc6a553f36f2ef648acf1200044849fc8923f1f884b54a075

                                                                                                                                                  SHA512

                                                                                                                                                  2ad863476941f9f16b61399138267bbdac424a4c2c26b6cadb27e9a9a9fc7137638d2e4fe78067c16fbb5bbcabae70e244ec2505cf10b1f680ef939a68a2207e

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
                                                                                                                                                  Filesize

                                                                                                                                                  392B

                                                                                                                                                  MD5

                                                                                                                                                  06ffe512ccd71425c492d49234d82cde

                                                                                                                                                  SHA1

                                                                                                                                                  e3fa574d9b94da7425e9b39239158d9152e040d3

                                                                                                                                                  SHA256

                                                                                                                                                  f945a206c1bf3fcc0207be80391944a3604fa1403d93746723a88e2ddaa8bdd8

                                                                                                                                                  SHA512

                                                                                                                                                  f26aafccc6e5eb136664f85efe874d6a80e5d0caf876d45bd4950cbafd43f9a30a8c761e6ec445e8842a63316b3e9c0160ca4af1ff6ce27d2425d89c8f42344d

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter~RFe5d3981.TMP
                                                                                                                                                  Filesize

                                                                                                                                                  392B

                                                                                                                                                  MD5

                                                                                                                                                  91be5319cd08b207185df31211a7b380

                                                                                                                                                  SHA1

                                                                                                                                                  36c66635e67249016ece3bee0dc830b85c1e911e

                                                                                                                                                  SHA256

                                                                                                                                                  8a01a344a5d69ff6f913f160bd8cb1c2ee48765391e165f10d059bfa15f916cc

                                                                                                                                                  SHA512

                                                                                                                                                  607c46df8eb780b50b6d614991b7056e82d47b5480726799b90aeb01df39f5fd710bdb0b5bbd36c0d8354d633f13fc2f06f2e8bb02f1c39afe7e4c47ead8d7c9

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Indexed Rules\36\10.34.0.57\Ruleset Data
                                                                                                                                                  Filesize

                                                                                                                                                  2.8MB

                                                                                                                                                  MD5

                                                                                                                                                  6a62b26b738ffda1414b1e45b3b97c12

                                                                                                                                                  SHA1

                                                                                                                                                  ff44417a79841f948bdbeec9049f9fb59d16dc9f

                                                                                                                                                  SHA256

                                                                                                                                                  da3927c997d3bb2326e97a8dd7835c28f50ad8c4a9dd407669f20730c0159207

                                                                                                                                                  SHA512

                                                                                                                                                  820caca570523600a057dbedd38b7e3b375d6427d716cb74d0aee0825e621268a9f418f135443e5bc6bd7b9a1fbb8eb6676324d46f9111e56404b8953f23de53

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.57\Filtering Rules
                                                                                                                                                  Filesize

                                                                                                                                                  1.8MB

                                                                                                                                                  MD5

                                                                                                                                                  d7c9c6d2e1d9ae242d68a8316f41198c

                                                                                                                                                  SHA1

                                                                                                                                                  8d2ddccc88a10468e5bffad1bd377be82d053357

                                                                                                                                                  SHA256

                                                                                                                                                  f215127185b2ee6b01e12b6ca75d3e5c4e454598dd4aed36124ae13d59afd547

                                                                                                                                                  SHA512

                                                                                                                                                  7fd14824e9200dd99e1fd2cee402656dc0cfc3d0a60058c5eb05c68e9e65b7f0b47e550fb4d6c2b59eba204dbf3ef9e69dc9723b43a9b3ccd5412d6b77715fc3

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.57\LICENSE
                                                                                                                                                  Filesize

                                                                                                                                                  24KB

                                                                                                                                                  MD5

                                                                                                                                                  aad9405766b20014ab3beb08b99536de

                                                                                                                                                  SHA1

                                                                                                                                                  486a379bdfeecdc99ed3f4617f35ae65babe9d47

                                                                                                                                                  SHA256

                                                                                                                                                  ed0f972d56566a96fb2f128a7b58091dfbf32dc365b975bc9318c9701677f44d

                                                                                                                                                  SHA512

                                                                                                                                                  bd9bf257306fdaff3f1e3e1fccb1f0d6a3181d436035124bd4953679d1af2cd5b4cc053b0e2ef17745ae44ae919cd8fd9663fbc0cd9ed36607e9b2472c206852

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Typosquatting\2025.3.15.1\typosquatting_list.pb
                                                                                                                                                  Filesize

                                                                                                                                                  631KB

                                                                                                                                                  MD5

                                                                                                                                                  ad013f0723d332e26a9101a81483661e

                                                                                                                                                  SHA1

                                                                                                                                                  a3db6536228681288dbf39d4a94d2d8f11e77d3f

                                                                                                                                                  SHA256

                                                                                                                                                  96fb259d4c8d3ed7d7c657b6aecc8ccd2b0730b11244a83499c0d8dab91087d5

                                                                                                                                                  SHA512

                                                                                                                                                  b2c700ac36657d288cbe0bdbbe7856299d6af24e00fce8f9d78434ac2f10fc82f9399b03cd5995817721a0d252976f99424062e5b79d0281d8163aa5af330f32

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Well Known Domains\1.2.0.0\well_known_domains.dll
                                                                                                                                                  Filesize

                                                                                                                                                  572KB

                                                                                                                                                  MD5

                                                                                                                                                  f5f5b37fd514776f455864502c852773

                                                                                                                                                  SHA1

                                                                                                                                                  8d5ed434173fd77feb33cb6cb0fad5e2388d97c6

                                                                                                                                                  SHA256

                                                                                                                                                  2778063e5ded354d852004e80492edb3a0f731b838bb27ba3a233bc937592f6e

                                                                                                                                                  SHA512

                                                                                                                                                  b0931f1cae171190e6ec8880f4d560cc7b3d5bffe1db11525bd133eaf51e2e0b3c920ea194d6c7577f95e7b4b4380f7845c82eb2898ad1f5c35d4550f93a14b6

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\OneDrive\logs\Common\FileCoAuth-2025-3-16.525.2700.1.odl
                                                                                                                                                  Filesize

                                                                                                                                                  706B

                                                                                                                                                  MD5

                                                                                                                                                  8b8c63b83f5167c948343c19f1b1974d

                                                                                                                                                  SHA1

                                                                                                                                                  f06821bae28a4c482ec70baf5ead74773ff930a0

                                                                                                                                                  SHA256

                                                                                                                                                  3225c07d1e2c42261a0ce3c726f404b2b4e60131be5d79c4c6ceebe2dd01cf5e

                                                                                                                                                  SHA512

                                                                                                                                                  adebd5679b9958054ca3f6ff06ea426f3c3738b353d513d9e67c74bd28e8d1e21290c503748f1db4d2376e2b06b6c3c8733c9ca9a345fc5091ec0be16a7fb973

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\BackgroundTransferApi\98828e66-8b19-4c1d-9028-0e44e8cd1de6.down_data
                                                                                                                                                  Filesize

                                                                                                                                                  555KB

                                                                                                                                                  MD5

                                                                                                                                                  5683c0028832cae4ef93ca39c8ac5029

                                                                                                                                                  SHA1

                                                                                                                                                  248755e4e1db552e0b6f8651b04ca6d1b31a86fb

                                                                                                                                                  SHA256

                                                                                                                                                  855abd360d8a8d6974eba92b70cbd09ce519bc8773439993f9ab37cb6847309e

                                                                                                                                                  SHA512

                                                                                                                                                  aba434bd29be191c823b02ea9b639beb10647bbe7759bbffdaa790dfb1ec2c58d74c525ef11aacda209e4effe322d1d3a07b115446c8914b07a3bce4d8a0e2c3

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\AppData\Local\Temp\is-KQOKI.tmp\butterflyondesktop.tmp
                                                                                                                                                  Filesize

                                                                                                                                                  688KB

                                                                                                                                                  MD5

                                                                                                                                                  c765336f0dcf4efdcc2101eed67cd30c

                                                                                                                                                  SHA1

                                                                                                                                                  fa0279f59738c5aa3b6b20106e109ccd77f895a7

                                                                                                                                                  SHA256

                                                                                                                                                  c5177fdc6031728e10141745cd69edbc91c92d14411a2dec6e8e8caa4f74ab28

                                                                                                                                                  SHA512

                                                                                                                                                  06a67ac37c20897967e2cad453793a6ef1c7804d4c578404f845daa88c859b15b0acb51642e6ad23ca6ba6549b02d5f6c98b1fa402004bdbf9d646abab7ec891

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\Desktop\Butterfly on Desktop.lnk
                                                                                                                                                  Filesize

                                                                                                                                                  1KB

                                                                                                                                                  MD5

                                                                                                                                                  d615a61df1f691cf4c8e5ea9b3d716dc

                                                                                                                                                  SHA1

                                                                                                                                                  f90e6e401bf987035b854d4ffa6f15eff12313c6

                                                                                                                                                  SHA256

                                                                                                                                                  c73e595dce08db7987c5dd0533abd2bff31c692987617407dedce7d2454f4516

                                                                                                                                                  SHA512

                                                                                                                                                  496aa250ca6d8333fa9f048eee5670cd7203ba277eab696b399c933f633adc835e72cdd8a58dbcd8d9c771a5543a144bc9bf325e05ee94d20dd3739859f89b47

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\Downloads\The-MALWARE-Repo-master.zip:Zone.Identifier
                                                                                                                                                  Filesize

                                                                                                                                                  26B

                                                                                                                                                  MD5

                                                                                                                                                  fbccf14d504b7b2dbcb5a5bda75bd93b

                                                                                                                                                  SHA1

                                                                                                                                                  d59fc84cdd5217c6cf74785703655f78da6b582b

                                                                                                                                                  SHA256

                                                                                                                                                  eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

                                                                                                                                                  SHA512

                                                                                                                                                  aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\AgentTesla.exe
                                                                                                                                                  Filesize

                                                                                                                                                  2.8MB

                                                                                                                                                  MD5

                                                                                                                                                  cce284cab135d9c0a2a64a7caec09107

                                                                                                                                                  SHA1

                                                                                                                                                  e4b8f4b6cab18b9748f83e9fffd275ef5276199e

                                                                                                                                                  SHA256

                                                                                                                                                  18aab0e981eee9e4ef8e15d4b003b14b3a1b0bfb7233fade8ee4b6a22a5abbb9

                                                                                                                                                  SHA512

                                                                                                                                                  c45d021295871447ce60250ff9cbeba2b2a16a23371530da077d6235cfe5005f10fa228071542df3621462d913ad2f58236dc0c0cb390779eef86a10bba8429f

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\Kakwa.doc.crypt
                                                                                                                                                  Filesize

                                                                                                                                                  72KB

                                                                                                                                                  MD5

                                                                                                                                                  cdb0ad8802ac714f36fdf663fbb1677f

                                                                                                                                                  SHA1

                                                                                                                                                  8580544ee84bb6ce723216e1f6c247ca2414a957

                                                                                                                                                  SHA256

                                                                                                                                                  f87066b7d8051a10da70ece12733c30f3dabfe86d85684ebf75734d38a7a7998

                                                                                                                                                  SHA512

                                                                                                                                                  e1c65b7882d26754a189535bf6f0360146cb95b697d1b7e7a7c298c91ffb940a7c4504da25b19106eee6c29fe96169f83b80f5bfd1655278fcb2908612d5d7fd

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\butterflyondesktop.exe
                                                                                                                                                  Filesize

                                                                                                                                                  2.8MB

                                                                                                                                                  MD5

                                                                                                                                                  1535aa21451192109b86be9bcc7c4345

                                                                                                                                                  SHA1

                                                                                                                                                  1af211c686c4d4bf0239ed6620358a19691cf88c

                                                                                                                                                  SHA256

                                                                                                                                                  4641af6a0071e11e13ad3b1cd950e01300542c2b9efb6ae92ffecedde974a4a6

                                                                                                                                                  SHA512

                                                                                                                                                  1762b29f7b26911a7e6d244454eac7268235e2e0c27cd2ca639b8acdde2528c9ddf202ed59ca3155ee1d6ad3deba559a6eaf4ed74624c68688761e3e404e54da

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2628_215615778\_metadata\verified_contents.json
                                                                                                                                                  Filesize

                                                                                                                                                  1KB

                                                                                                                                                  MD5

                                                                                                                                                  68e6b5733e04ab7bf19699a84d8abbc2

                                                                                                                                                  SHA1

                                                                                                                                                  1c11f06ca1ad3ed8116d356ab9164fd1d52b5cf0

                                                                                                                                                  SHA256

                                                                                                                                                  f095f969d6711f53f97747371c83d5d634eaef21c54cb1a6a1cc5b816d633709

                                                                                                                                                  SHA512

                                                                                                                                                  9dc5d824a55c969820d5d1fbb0ca7773361f044ae0c255e7c48d994e16ce169fceac3de180a3a544ebef32337ea535683115584d592370e5fe7d85c68b86c891

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2628_215615778\manifest.fingerprint
                                                                                                                                                  Filesize

                                                                                                                                                  66B

                                                                                                                                                  MD5

                                                                                                                                                  8294c363a7eb84b4fc2faa7f8608d584

                                                                                                                                                  SHA1

                                                                                                                                                  00df15e2d5167f81c86bca8930d749ebe2716f55

                                                                                                                                                  SHA256

                                                                                                                                                  c6602cb5c85369350d8351675f006fc58aea20b8abf922a2c64700070daaa694

                                                                                                                                                  SHA512

                                                                                                                                                  22ed0211822f6f60fe46184fb6e5e7fcb2b3a9d2e19f25fb6e84e1ca3a5d645183959309549cdb07c999b345cfdd9a1351f3474e03fb8d451b0f093d44844d7c

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2628_215615778\sets.json
                                                                                                                                                  Filesize

                                                                                                                                                  9KB

                                                                                                                                                  MD5

                                                                                                                                                  eea4913a6625beb838b3e4e79999b627

                                                                                                                                                  SHA1

                                                                                                                                                  1b4966850f1b117041407413b70bfa925fd83703

                                                                                                                                                  SHA256

                                                                                                                                                  20ef4de871ece3c5f14867c4ae8465999c7a2cc1633525e752320e61f78a373c

                                                                                                                                                  SHA512

                                                                                                                                                  31b1429a5facd6787f6bb45216a4ab1c724c79438c18ebfa8c19ced83149c17783fd492a03197110a75aaf38486a9f58828ca30b58d41e0fe89dfe8bdfc8a004

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5456_10102738\Notification\notification_fast.bundle.js.LICENSE.txt
                                                                                                                                                  Filesize

                                                                                                                                                  551B

                                                                                                                                                  MD5

                                                                                                                                                  7bf61e84e614585030a26b0b148f4d79

                                                                                                                                                  SHA1

                                                                                                                                                  c4ffbc5c6aa599e578d3f5524a59a99228eea400

                                                                                                                                                  SHA256

                                                                                                                                                  38ed54eb53300fdb6e997c39c9fc83a224a1fd9fa06a0b6d200aa12ea278c179

                                                                                                                                                  SHA512

                                                                                                                                                  ca5f2d3a4f200371927c265b9fb91b8bcd0fbad711559f796f77b695b9038638f763a040024ed185e67be3a7b58fab22a6f8114e73fdbd1cccdda6ef94ff88f3

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5456_10102738\Tokenized-Card\tokenized-card.bundle.js.LICENSE.txt
                                                                                                                                                  Filesize

                                                                                                                                                  1KB

                                                                                                                                                  MD5

                                                                                                                                                  8595bdd96ab7d24cc60eb749ce1b8b82

                                                                                                                                                  SHA1

                                                                                                                                                  3b612cc3d05e372c5ac91124f3756bbf099b378d

                                                                                                                                                  SHA256

                                                                                                                                                  363f376ab7893c808866a830fafbcd96ae6be93ec7a85fabf52246273cf56831

                                                                                                                                                  SHA512

                                                                                                                                                  555c0c384b6fcfc2311b47c0b07f8e34243de528cf1891e74546b6f4cda338d75c2e2392827372dc39e668ed4c2fd1a02112d8136d2364f9cab9ee4fa1bd87f5

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5456_10102738\json\i18n-tokenized-card\fr-CA\strings.json
                                                                                                                                                  Filesize

                                                                                                                                                  2KB

                                                                                                                                                  MD5

                                                                                                                                                  cd247582beb274ca64f720aa588ffbc0

                                                                                                                                                  SHA1

                                                                                                                                                  4aaeef0905e67b490d4a9508ed5d4a406263ed9c

                                                                                                                                                  SHA256

                                                                                                                                                  c67b555372582b07df86a6ce3329a854e349ba9525d7be0672517bab0ac14db5

                                                                                                                                                  SHA512

                                                                                                                                                  bf8fa4bd7c84038fae9eddb483ae4a31d847d5d47b408b3ea84d46d564f15dfc2bae6256eac4a852dd1c4ad8e58bc542e3df30396be05f30ed07e489ebe52895

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5456_10102738\manifest.json
                                                                                                                                                  Filesize

                                                                                                                                                  121B

                                                                                                                                                  MD5

                                                                                                                                                  fde1edabd926edaf85bd8dcfd6d26f0d

                                                                                                                                                  SHA1

                                                                                                                                                  380c447a4df3871885c99d926edd1e689f247b99

                                                                                                                                                  SHA256

                                                                                                                                                  3bab6a96aa24d25d5f838199dff00837be00480f92a559d30a24f67334e02a2a

                                                                                                                                                  SHA512

                                                                                                                                                  acc5b7ee98a6652a74477d2a9b295ecdacfd0182b75931653d373fdb15c52d1d869bbe3a41e4a79db36ed91ed55c39c47526268b56b123e9b7f19479bbe8dc13

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5456_1075824229\manifest.json
                                                                                                                                                  Filesize

                                                                                                                                                  145B

                                                                                                                                                  MD5

                                                                                                                                                  0df2306638bd60162686e9c4bafbd505

                                                                                                                                                  SHA1

                                                                                                                                                  ef9e16bf867f7950d5a30172e1d34d38686b0e72

                                                                                                                                                  SHA256

                                                                                                                                                  fd7b554588c5e72506a0bfed89bc298911a5649b9f5168ad7c1804d1c75de42e

                                                                                                                                                  SHA512

                                                                                                                                                  73fca229097631104cf352061d62455b6c5520bf59777520165719d2368b0e77f3ce66f52873fec53ac60e35274bf397ba321bc62610f0b7b172a7c5c4975174

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5456_1300447584\manifest.json
                                                                                                                                                  Filesize

                                                                                                                                                  116B

                                                                                                                                                  MD5

                                                                                                                                                  2188c7ec4e86e29013803d6b85b0d5bb

                                                                                                                                                  SHA1

                                                                                                                                                  5a9b4a91c63e0013f661dfc472edb01385d0e3ce

                                                                                                                                                  SHA256

                                                                                                                                                  ac47cc331bb96271da2140941926a8accc6cb7599a6f3c17bd31c78f46709a62

                                                                                                                                                  SHA512

                                                                                                                                                  37c21eaff24a54c2c7571e480ff4f349267e4404111508f241f54a41542ce06bcde4c830c6e195fc48d1bf831ed1fe78da361d1e43416cfd6c02afa8188af656

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5456_1609278997\manifest.json
                                                                                                                                                  Filesize

                                                                                                                                                  76B

                                                                                                                                                  MD5

                                                                                                                                                  ba25fcf816a017558d3434583e9746b8

                                                                                                                                                  SHA1

                                                                                                                                                  be05c87f7adf6b21273a4e94b3592618b6a4a624

                                                                                                                                                  SHA256

                                                                                                                                                  0d664bc422a696452111b9a48e7da9043c03786c8d5401282cff9d77bcc34b11

                                                                                                                                                  SHA512

                                                                                                                                                  3763bd77675221e323faa5502023dc677c08911a673db038e4108a2d4d71b1a6c0727a65128898bb5dfab275e399f4b7ed19ca2194a8a286e8f9171b3536546f

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5456_1671421388\manifest.json
                                                                                                                                                  Filesize

                                                                                                                                                  118B

                                                                                                                                                  MD5

                                                                                                                                                  56decbaf515f574521f86e481e880496

                                                                                                                                                  SHA1

                                                                                                                                                  cf86b7e930bccc9168458b7202ff89b50a41a8e3

                                                                                                                                                  SHA256

                                                                                                                                                  4aa32c5d74a694c56869211d6ff4a3d61334b9b61659dab631eb6c285416c608

                                                                                                                                                  SHA512

                                                                                                                                                  669804a28a9e1adde2e259c2a0442f2d8c054908fb1c382db27d6f08353f1d8e3ba495ac18ad4746aac4d19eeac67594f3b2b0789a607ceae70c445d07ba3196

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5456_1698442146\manifest.json
                                                                                                                                                  Filesize

                                                                                                                                                  102B

                                                                                                                                                  MD5

                                                                                                                                                  a64e2a4236e705215a3fd5cb2697a71f

                                                                                                                                                  SHA1

                                                                                                                                                  1c73e6aad8f44ade36df31a23eaaf8cd0cae826d

                                                                                                                                                  SHA256

                                                                                                                                                  014e9fc1219beefc428ec749633125c9bff7febc3be73a14a8f18a6691cd2846

                                                                                                                                                  SHA512

                                                                                                                                                  75b30c0c8cef490aaf923afbdb5385d4770de82e698f71f8f126a6af5ef16f3a90d0c27687f405274177b1a5250436efddd228a6d2949651f43bd926e8a1cc99

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5456_1919852005\LICENSE
                                                                                                                                                  Filesize

                                                                                                                                                  1KB

                                                                                                                                                  MD5

                                                                                                                                                  ee002cb9e51bb8dfa89640a406a1090a

                                                                                                                                                  SHA1

                                                                                                                                                  49ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2

                                                                                                                                                  SHA256

                                                                                                                                                  3dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b

                                                                                                                                                  SHA512

                                                                                                                                                  d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5456_1919852005\manifest.json
                                                                                                                                                  Filesize

                                                                                                                                                  85B

                                                                                                                                                  MD5

                                                                                                                                                  c3419069a1c30140b77045aba38f12cf

                                                                                                                                                  SHA1

                                                                                                                                                  11920f0c1e55cadc7d2893d1eebb268b3459762a

                                                                                                                                                  SHA256

                                                                                                                                                  db9a702209807ba039871e542e8356219f342a8d9c9ca34bcd9a86727f4a3a0f

                                                                                                                                                  SHA512

                                                                                                                                                  c5e95a4e9f5919cb14f4127539c4353a55c5f68062bf6f95e1843b6690cebed3c93170badb2412b7fb9f109a620385b0ae74783227d6813f26ff8c29074758a1

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5456_26528687\hyph-as.hyb
                                                                                                                                                  Filesize

                                                                                                                                                  703B

                                                                                                                                                  MD5

                                                                                                                                                  8961fdd3db036dd43002659a4e4a7365

                                                                                                                                                  SHA1

                                                                                                                                                  7b2fa321d50d5417e6c8d48145e86d15b7ff8321

                                                                                                                                                  SHA256

                                                                                                                                                  c2784e33158a807135850f7125a7eaabe472b3cfc7afb82c74f02da69ea250fe

                                                                                                                                                  SHA512

                                                                                                                                                  531ecec11d296a1ab3faeb2c7ac619da9d80c1054a2ccee8a5a0cd996346fea2a2fee159ac5a8d79b46a764a2aa8e542d6a79d86b3d7dda461e41b19c9bebe92

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5456_26528687\hyph-hi.hyb
                                                                                                                                                  Filesize

                                                                                                                                                  687B

                                                                                                                                                  MD5

                                                                                                                                                  0807cf29fc4c5d7d87c1689eb2e0baaa

                                                                                                                                                  SHA1

                                                                                                                                                  d0914fb069469d47a36d339ca70164253fccf022

                                                                                                                                                  SHA256

                                                                                                                                                  f4df224d459fd111698dd5a13613c5bbf0ed11f04278d60230d028010eac0c42

                                                                                                                                                  SHA512

                                                                                                                                                  5324fd47c94f5804bfa1aa6df952949915896a3fc77dccaed0eeffeafe995ce087faef035aecea6b4c864a16ad32de00055f55260af974f2c41afff14dce00f3

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5456_26528687\hyph-nb.hyb
                                                                                                                                                  Filesize

                                                                                                                                                  141KB

                                                                                                                                                  MD5

                                                                                                                                                  677edd1a17d50f0bd11783f58725d0e7

                                                                                                                                                  SHA1

                                                                                                                                                  98fedc5862c78f3b03daed1ff9efbe5e31c205ee

                                                                                                                                                  SHA256

                                                                                                                                                  c2771fbb1bfff7db5e267dc7a4505a9675c6b98cfe7a8f7ae5686d7a5a2b3dd0

                                                                                                                                                  SHA512

                                                                                                                                                  c368f6687fa8a2ef110fcb2b65df13f6a67feac7106014bd9ea9315f16e4d7f5cbc8b4a67ba2169c6909d49642d88ae2a0a9cd3f1eb889af326f29b379cfd3ff

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5456_26528687\manifest.json
                                                                                                                                                  Filesize

                                                                                                                                                  82B

                                                                                                                                                  MD5

                                                                                                                                                  2617c38bed67a4190fc499142b6f2867

                                                                                                                                                  SHA1

                                                                                                                                                  a37f0251cd6be0a6983d9a04193b773f86d31da1

                                                                                                                                                  SHA256

                                                                                                                                                  d571ef33b0e707571f10bb37b99a607d6f43afe33f53d15b4395b16ef3fda665

                                                                                                                                                  SHA512

                                                                                                                                                  b08053050692765f172142bad7afbcd038235275c923f3cd089d556251482b1081e53c4ad7367a1fb11ca927f2ad183dc63d31ccfbf85b0160cf76a31343a6d0

                                                                                                                                                  Download Submit

                                                                                                                                                • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5456_345303105\manifest.json
                                                                                                                                                  Filesize

                                                                                                                                                  141B

                                                                                                                                                  MD5

                                                                                                                                                  811f0436837c701dc1cea3d6292b3922

                                                                                                                                                  SHA1

                                                                                                                                                  4e51a3e9f5cbf8c9c96985dabe8ffc2de28dae87

                                                                                                                                                  SHA256

                                                                                                                                                  dbfb38a16e33a39c35ac50bd81782e4608be14954f1df69ac8272c0b9ce87a5d

                                                                                                                                                  SHA512

                                                                                                                                                  21e7bf2f8333b2900bcbcb871ede14684073249597d105095dc7d3f101e7ccc326068732f11d4a167365f245a3f2205793f520c7666d7f948e70919b40b43d35

                                                                                                                                                  Download Submit

                                                                                                                                                • memory/1108-1440-0x0000000000400000-0x00000000004BC000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  752KB

                                                                                                                                                  Download

                                                                                                                                                • memory/1108-1413-0x0000000000400000-0x00000000004BC000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  752KB

                                                                                                                                                  Download

                                                                                                                                                • memory/3332-766-0x000002255BB40000-0x000002255BB50000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  64KB

                                                                                                                                                  Download

                                                                                                                                                • memory/3332-798-0x0000022563F80000-0x0000022563F81000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  4KB

                                                                                                                                                  Download

                                                                                                                                                • memory/3332-782-0x000002255BC40000-0x000002255BC50000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  64KB

                                                                                                                                                  Download

                                                                                                                                                • memory/3332-800-0x0000022563FB0000-0x0000022563FB1000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  4KB

                                                                                                                                                  Download

                                                                                                                                                • memory/3332-801-0x0000022563FB0000-0x0000022563FB1000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  4KB

                                                                                                                                                  Download

                                                                                                                                                • memory/3332-802-0x00000225640C0000-0x00000225640C1000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  4KB

                                                                                                                                                  Download

                                                                                                                                                • memory/4568-11022-0x0000000000400000-0x00000000006BC000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  2.7MB

                                                                                                                                                  Download

                                                                                                                                                • memory/4568-11029-0x0000000000400000-0x00000000006BC000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  2.7MB

                                                                                                                                                  Download

                                                                                                                                                • memory/4672-10620-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  3.0MB

                                                                                                                                                  Download

                                                                                                                                                • memory/4672-9568-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  3.0MB

                                                                                                                                                  Download

                                                                                                                                                • memory/4672-9519-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  3.0MB

                                                                                                                                                  Download

                                                                                                                                                • memory/4672-10621-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  3.0MB

                                                                                                                                                  Download

                                                                                                                                                • memory/4672-1531-0x0000000002CB0000-0x0000000002CCA000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  104KB

                                                                                                                                                  Download

                                                                                                                                                • memory/4672-9540-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  3.0MB

                                                                                                                                                  Download

                                                                                                                                                • memory/4672-6118-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  3.0MB

                                                                                                                                                  Download

                                                                                                                                                • memory/4672-2224-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  3.0MB

                                                                                                                                                  Download

                                                                                                                                                • memory/4672-9589-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  3.0MB

                                                                                                                                                  Download

                                                                                                                                                • memory/4672-1512-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  3.0MB

                                                                                                                                                  Download

                                                                                                                                                • memory/4672-9588-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  3.0MB

                                                                                                                                                  Download

                                                                                                                                                • memory/4672-9569-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  3.0MB

                                                                                                                                                  Download

                                                                                                                                                • memory/4672-1510-0x0000000002CB0000-0x0000000002CCA000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  104KB

                                                                                                                                                  Download

                                                                                                                                                • memory/4672-10610-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  3.0MB

                                                                                                                                                  Download

                                                                                                                                                • memory/4672-1508-0x0000000002B50000-0x0000000002B66000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  88KB

                                                                                                                                                  Download

                                                                                                                                                • memory/5056-1412-0x0000000000400000-0x0000000000414000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  80KB

                                                                                                                                                  Download

                                                                                                                                                • memory/5056-1392-0x0000000000400000-0x0000000000414000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  80KB

                                                                                                                                                  Download

                                                                                                                                                • memory/5056-1441-0x0000000000400000-0x0000000000414000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  80KB

                                                                                                                                                  Download

                                                                                                                                                • memory/5264-11006-0x0000000001060000-0x0000000001068000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  32KB

                                                                                                                                                  Download

                                                                                                                                                • memory/5264-11005-0x000000001C1B0000-0x000000001C24C000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  624KB

                                                                                                                                                  Download

                                                                                                                                                • memory/5264-11007-0x000000001C410000-0x000000001C45C000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  304KB

                                                                                                                                                  Download

                                                                                                                                                • memory/5264-11004-0x000000001BC00000-0x000000001C0CE000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  4.8MB

                                                                                                                                                  Download

                                                                                                                                                • memory/5264-11003-0x000000001B670000-0x000000001B716000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  664KB

                                                                                                                                                  Download

                                                                                                                                                • memory/5588-1504-0x0000000010000000-0x0000000010010000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  64KB

                                                                                                                                                  Download

                                                                                                                                                • memory/5588-11048-0x00000000003A0000-0x00000000003B0000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  64KB

                                                                                                                                                  Download

                                                                                                                                                • memory/5588-11049-0x00000000051B0000-0x0000000005756000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  5.6MB

                                                                                                                                                  Download

                                                                                                                                                • memory/5588-11050-0x0000000004D00000-0x0000000004D92000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  584KB

                                                                                                                                                  Download

                                                                                                                                                • memory/5588-11051-0x0000000004DB0000-0x0000000004DBA000-memory.dmp

                                                                                                                                                  Filesize

                                                                                                                                                  40KB

                                                                                                                                                  Download