Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
285s -
max time network
300s -
platform
windows10-2004_x64 -
resource
win10v2004-20250314-en -
resource tags
-
submitted
17/03/2025, 22:54
General
-
Target
1025296ad73c142202aded763f95657fcf821107e0947247cf41ca24c8bc95be.exe
-
Size
896KB
-
MD5
f22c3c68146ffaf6b04d6104c1cd7017
-
SHA1
d0558cadeb111a3783f9d377eb1709b891d97b84
-
SHA256
1025296ad73c142202aded763f95657fcf821107e0947247cf41ca24c8bc95be
-
SHA512
c0d8c81f4d23c8fb4e9572a5ff751a9a93f0f7c862c06b4b8843c7c904598fd68567b9f98449075db5e163ff90bfe52cb60f1bada776dc06132badf30dd0fe7a
-
SSDEEP
12288:PqDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDganTj:PqDEvCTbMWu7rQYlBQcBiT6rprG8aTj
Malware Config
Signatures
-
Drops file in Program Files directory 34 IoCs
-
Browser Information Discovery 1 TTPs
Enumerate browser information.
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Checks processor information in registry 2 TTPs 2 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Modifies data under HKEY_USERS 2 IoCs
-
Modifies registry class 2 IoCs
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs
-
Suspicious use of FindShellTrayWindow 6 IoCs
-
Suspicious use of SendNotifyMessage 4 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\1025296ad73c142202aded763f95657fcf821107e0947247cf41ca24c8bc95be.exe"C:\Users\Admin\AppData\Local\Temp\1025296ad73c142202aded763f95657fcf821107e0947247cf41ca24c8bc95be.exe"1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/account2⤵
- Drops file in Program Files directory
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2c4,0x2f0,0x7ff9c6e2f208,0x7ff9c6e2f214,0x7ff9c6e2f2203⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1864,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=2188 /prefetch:33⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2152,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=2148 /prefetch:23⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2560,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=2688 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3528,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=3596 /prefetch:13⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3536,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=3620 /prefetch:13⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=4232,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=4280 /prefetch:13⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --extension-process --renderer-sub-type=extension --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --always-read-main-dll --field-trial-handle=4248,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=3512 /prefetch:23⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --always-read-main-dll --field-trial-handle=4368,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=4648 /prefetch:13⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --always-read-main-dll --field-trial-handle=4672,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=4944 /prefetch:13⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --always-read-main-dll --field-trial-handle=5536,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=5556 /prefetch:13⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4664,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=5652 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4652,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=5832 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --always-read-main-dll --field-trial-handle=5980,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=4808 /prefetch:13⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4508,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=3492 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5460,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=6280 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5668,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=5812 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5668,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=5812 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5868,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=5712 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6868,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=3788 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6856,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=3792 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3612,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=5860 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6928,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=6952 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7104,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=7112 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7264,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=6972 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7268,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=7292 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4344,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=4624 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4284,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=4608 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4636,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=7312 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6436,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=6424 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4416,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=7448 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6444,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=3284 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4336,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=1980 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=7428,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=1980 /prefetch:83⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3340,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=2900 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7448,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=3272 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5412,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=6428 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3752,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=2900 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4568,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=3276 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3504,i,16863651469370662944,16131073054262312603,262144 --variations-seed-version --mojo-platform-channel-handle=5780 /prefetch:83⤵
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video2⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/2⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"1⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
160B
MD5c3911ceb35539db42e5654bdd60ac956
SHA171be0751e5fc583b119730dbceb2c723f2389f6c
SHA25631952875f8bb2e71f49231c95349945ffc0c1dd975f06309a0d138f002cfd23d
SHA512d8b2c7c5b7105a6f0c4bc9c79c05b1202bc8deb90e60a037fec59429c04fc688a745ee1a0d06a8311466b4d14e2921dfb4476104432178c01df1e99deb48b331
-
Filesize
43B
MD5af3a9104ca46f35bb5f6123d89c25966
SHA11ffb1b0aa9f44bdbc57bdf4b98d26d3be0207ee8
SHA25681bd82ac27612a58be30a72dd8956b13f883e32ffb54a58076bd6a42b8afaeea
SHA5126a7a543fa2d1ead3574b4897d2fc714bb218c60a04a70a7e92ecfd2ea59d67028f91b6a2094313f606560087336c619093f1d38d66a3c63a1d1d235ca03d36d1
-
Filesize
85B
MD5c3419069a1c30140b77045aba38f12cf
SHA111920f0c1e55cadc7d2893d1eebb268b3459762a
SHA256db9a702209807ba039871e542e8356219f342a8d9c9ca34bcd9a86727f4a3a0f
SHA512c5e95a4e9f5919cb14f4127539c4353a55c5f68062bf6f95e1843b6690cebed3c93170badb2412b7fb9f109a620385b0ae74783227d6813f26ff8c29074758a1
-
Filesize
1KB
MD5ee002cb9e51bb8dfa89640a406a1090a
SHA149ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2
SHA2563dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b
SHA512d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c
-
Filesize
80B
MD59e72659142381870c3c7dfe447d0e58e
SHA1ba27ed169d5af065dabde081179476beb7e11de2
SHA25672bab493c5583527591dd6599b3c902bade214399309b0d610907e33275b8dc2
SHA512b887eb30c09fa3c87945b83d8dbddceee286011a1582c10b5b3cc7a4731b7fa7cb3689cb61bfead385c95902cab397d0aa26bc26086d17ce414a4f40f0e16a01
-
Filesize
135B
MD54055ba4ebd5546fb6306d6a3151a236a
SHA1609a989f14f8ee9ed9bffbd6ddba3214fd0d0109
SHA256cb929ae2d466e597ecc4f588ba22faf68f7cfc204b3986819c85ac608d6f82b5
SHA51258d39f7ae0dafd067c6dba34c686506c1718112ad5af8a255eb9a7d6ec0edca318b557565f5914c5140eb9d1b6e2ffbb08c9d596f43e7a79fdb4ef95457bf29a
-
Filesize
160B
MD5a24a1941bbb8d90784f5ef76712002f5
SHA15c2b6323c7ed8913b5d0d65a4d21062c96df24eb
SHA2562a7fe18a087d8e8be847d9569420b6e8907917ff6ca0fa42be15d4e3653c8747
SHA512fd7dfec3d46b2af0bddb5aaeae79467507e0c29bab814007a39ea61231e76123659f18a453ed3feb25f16652a0c63c33545e2a0d419fafea89f563fca6a07ce2
-
Filesize
176B
MD56607494855f7b5c0348eecd49ef7ce46
SHA12c844dd9ea648efec08776757bc376b5a6f9eb71
SHA25637c30639ea04878b9407aecbcea4848b033e4548d5023ce5105ea79cab2c68dd
SHA5128cb60725d958291b9a78c293992768cb03ff53ab942637e62eb6f17d80e0864c56a9c8ccafbc28246e9ce1fdb248e8d071d76764bcaf0243397d0f0a62b4d09a
-
Filesize
280B
MD54013ebc7b496bf70ecf9f6824832d4ae
SHA1cfdcdac5d8c939976c11525cf5e79c6a491c272a
SHA256fb1a67bdc2761f1f9e72bbc41b6fc0bf89c068205ffd0689e4f7e2c34264b22a
SHA51296822252f121fb358aa43d490bb5f5ce3a81c65c8de773c170f1d0e91da1e6beb83cb1fb9d4d656230344cd31c3dca51a6c421fda8e55598c364092232e0ad22
-
Filesize
280B
MD5fed4ab68611c6ce720965bcb5dfbf546
SHA1af33fc71721625645993be6fcba5c5852e210864
SHA256c41acdf5d0a01d5e9720ef9f6d503099950791b6f975ba698ccd013c4defa8c4
SHA512f9ab23b3b4052f7fda6c9a3e8cd68056f21da5d0fcf28061331900cac6f31ef081705804d9a9d4103ee7d9c9bdb6aa4237987b7e821d2d96cd52da24219e55ee
-
Filesize
331B
MD5d0ce8ff5cf7540932f36fe042b5add42
SHA1a52cf8672891ceb997886da5f1dbf1c250c7c360
SHA25658d948e0918597963590bd80ca87752fd53c6b85f716ad66ab6ae66a199e6b01
SHA512961aa37793ef18356d2c0019d25b2a33068610cb512d8e74193ef38ff57b1c256cfccc0e28c4e9485166d1b9ac3c0b03fb7a58e8b4b205b5ee5ebe019b903fce
-
Filesize
4KB
MD557bf5d80a8965885876336d140f26b74
SHA119ae51fb0414d07051713bd8b0a5d8aa37fdf85d
SHA256ff4c9e6012363e94dbb04d6dfbe5f09553753cceb964e7ddf87615e84afa4834
SHA5128cfbaf7152573d2e6192f7d94eddaaef08bbc64360ab539ad0c0d1dbbfe979f23e4a03ad7c1a86bb71061602801029dd5b748e6acb12c4d4c7aadf83f5d93044
-
Filesize
3KB
MD54f4bf2500cd35cca26532189d024d4f0
SHA1bea21231f451aeb73bb5fb93b6fab87aa566897b
SHA256366dd78a9a1c06860e42d9759427b9f7907a8a6e3b72d9596d3a6f98397fcc91
SHA512e66dd4cb9613b021e824430f17581753d46ac09881d140c70067c1f6835dac12eaba1c2e822a6e676159f0fa6f6d9d2c9f41a18688646c7174a118f0b4c4f996
-
Filesize
69KB
MD5164a788f50529fc93a6077e50675c617
SHA1c53f6cd0531fd98d6abbd2a9e5fbb4319b221f48
SHA256b305e470fb9f8b69a8cd53b5a8ffb88538c9f6a9c7c2c194a226e8f6c9b53c17
SHA512ec7d173b55283f3e59a468a0037921dc4e1bf3fab1c693330b9d8e5826273c917b374c4b802f3234bbb5e5e210d55e52351426867e0eb8c9f6fba1a053cb05d4
-
Filesize
9KB
MD53d20584f7f6c8eac79e17cca4207fb79
SHA13c16dcc27ae52431c8cdd92fbaab0341524d3092
SHA2560d40a5153cb66b5bde64906ca3ae750494098f68ad0b4d091256939eea243643
SHA512315d1b4cc2e70c72d7eb7d51e0f304f6e64ac13ae301fd2e46d585243a6c936b2ad35a0964745d291ae9b317c316a29760b9b9782c88cc6a68599db531f87d59
-
Filesize
111B
MD5285252a2f6327d41eab203dc2f402c67
SHA1acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA2565dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA51211ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d
-
Filesize
6KB
MD56c4d75b3f64cdb2a96ab992bfd0ebd4d
SHA117cb0b5b5545aad17d7d377b3c571186954835f6
SHA256ad6ea1d4e40e28fc301cd036deb46ee689e7a7d624b691242b1324325aaec7ed
SHA51234709d08d201d234753e3dd44c8ad3add0af16efcfe616c3e304cfc9e6342ce3f44b50116466d549ebf3f06b2c22225bcb69f435d0b55e9f28323e6ebd2bf362
-
Filesize
6KB
MD5f228f9114cf0353a73fa9146c25f63c6
SHA1b801e1a69492853a72cc4c7865d805fca447b89f
SHA25693942f484abd22207e827847adb3c4346f1c8c076bfaf410df87d1618bc9640c
SHA5125e649a282f55cc97b5432c9e021ac4c2a2495399bbdca23a6c40be51b4a7a0c849f5732fdd00e24a27b96b9ea7083602e2366bb40556bad092b68a7f86f3ff30
-
Filesize
6KB
MD56cbf6f1b6f15685d723643976277f460
SHA18ee6389416bec65893daf78c07bc6a0faaf0781f
SHA25681a23c7dceb2fd0a5e24e2c7e03468c24bd714349a39c01394c9310ce3e177de
SHA512187430590d928fcbfb4ecb4fcc01c0807f12d6ba96d9083e5cc9e6feff5c930f6da98ff85b24756fc90f4c38b80540002adc49fde0b5c418191f443cbdb3401d
-
Filesize
2B
MD5d751713988987e9331980363e24189ce
SHA197d170e1550eee4afc0af065b78cda302a97674c
SHA2564f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
-
Filesize
15KB
MD53f218bfa2c9613c9aa4d386786b35210
SHA14563f4f8cfed3460c59e8450ab7a4f426a1c646b
SHA256ad8d2a828168b0d2723a51e02738136bf11c8986f100b007f99d89631780f89b
SHA512870bd24e0fa33a15e100d01a2f838eb36ebb85deb29dfe99df7c004b3df04b43f01f59c2df0d45ddc215712663397fc72a3e5a0fcd81d9367c83385ad3456138
-
Filesize
14KB
MD58e9b399c7d9726eb1a4dfa8d67ec9c76
SHA11ecd7c2bc63c3680ed5f4344cd7946a2f65bfa44
SHA256c1ea71c9602c2d26247b8d9c81c491049ef59ff56c7a9690e71974ec5a4de613
SHA512c8241c2797eab0af32458364a6ca90f29d69a0bcccc1090e171538548eaf2fa3d84d4edacba3e0dfc79ccbce30110c06478bde1ce48d1e7ff446843af010d39f
-
Filesize
36KB
MD55c26346f75f713af6c052cfc9bace522
SHA1681446d75248f9358357308d7127fd16d4f9ff44
SHA2563a712170719006be2b692aa9d4875a662a3975ccd8899934ede8cf5b268dabf2
SHA51271b6f662175b8216506bd6190dde324aefad04b65dd5c6ed6d3f24ae0ad61dc58b58ef0d13caad60fec5170775faa8f386d50a4875b976ed73025d7488df4200
-
Filesize
4KB
MD57c6ef2c05d7bf1386fecdef376ad8fda
SHA1f0d11b1a5d7412b969689a78f73c064a7fd4731d
SHA2562955022d93c2f34a1b91f6abba2739459ca6d58194a2050a42ee36cc3e1f0fdf
SHA51207c9758c8106485b51f2b0ebe99f6ebb4ed7a10bdb2426c6ff9bb5f3426aee9ce94267456d3834e3ef0d3fd005c88641433b75949a8367d7de56a805891146df
-
Filesize
880B
MD5f25d91b946f59a02570d436e9a030acb
SHA1c000ee15d357ad8137a26abf7f6ac02eed7064ee
SHA2569611fcfe9e8ea797cfc3805160ef6c24161ab539fbb606cfd74207303f56cb70
SHA512f6e50f8d55d026005bf3d6a09e54cd0fa26d9036b0ad06484a90f2988de1caf6e41b489f9cd61a3851af75d532f300c5669e8255b1ddca791c65e8a80b8e0bd4
-
Filesize
21KB
MD55427163e7bceca09f302d060e3c8c3e1
SHA15909118bd61384444b54f702ffbb575f75d2d817
SHA256a16e152a3dd762ac37504d229a9f01f8eea40ea1762b020d0c1e19bf4feba792
SHA512276751ddc6aa668e3662376d11dd01b567edfe2d6741b6f6a12419526e84b47ce806e81d63e9cae26be0617ce2a6d0517ad4e9809cb24c70dff28a5f4957d534
-
Filesize
469B
MD5bc8c1ebcf70410af464ef29119e5e024
SHA1a4ffb81aa703aae25b6dc9303e2c2dc2c7abf6ca
SHA256af01377f9b8d67a65f2a9f59185720a53a1408fd26e3e193ff6f1521980a2a96
SHA512ec7ff161872490c8ef95d81ce35cc1675b1b4c737ced94aceb94eb912839fc252487ff878dd26f2341457157572e8d50286ea84fdb19694dda36c43e7e61330c
-
Filesize
19KB
MD5d367314b34204cd99d4993c33020ecaf
SHA1eb136fd3e827361884bda4930685c6a5a7ec7604
SHA256f182b48ca3470af0d05cccf7aa63c20c7ecf00ca887249f577436656f1417e7a
SHA512a947e7ebc1d1fa80168afbe279e55949e8eb4879f93342afc462d16c974cf7376820bf05b2121ac1447dc9276e002743df0e01ad2bea55f7a6eee7c5afd812f9
-
Filesize
3KB
MD594406cdd51b55c0f006cfea05745effb
SHA1a15dc50ca0fd54d6f54fbc6e0788f6dcfc876cc9
SHA2568480f3d58faa017896ba8239f3395e3551325d7a6466497a9a69bf182647b25e
SHA512d4e621f57454fea7049cffc9cc3adfb0d8016360912e6a580f6fe16677e7dd7aa2ee0671cb3c5092a9435708a817f497c3b2cc7aba237d32dbdaae82f10591c3
-
Filesize
8KB
MD5951ab29f73a1d6f3fcff6f6025971eb1
SHA1b52b90a409295c02907aa1ccd1ab21fb9a4db227
SHA256267cd00b33a438c655c531f203b74cde56a9890e2459825b13bd3c88be22db5e
SHA51204111dd8a5c04087da41d7b595e9ac8412978b574ddb106751be97f13d748e6b752248d0a81d535e12c8361755e3374397b9b6078ffef2516b3bbdc57cf22bae
-
Filesize
30KB
MD58de2ef9600b40888d0a97a7528c139d2
SHA119fc80985c4330bbe54b272a61e59bd48cf8a9b7
SHA256b6ef327c8a09669420863d90831d23498d92be7223369d799daad8f281b7384a
SHA512fba4b336c9634f43e8870ca065aaa847f2ef2315919df41be198d07646894a3184bfad4870eaa04753810e2def5aeeaa611951b9a250e6071158e8fe41b3530d
-
Filesize
39KB
MD5cf97740b1ab3297a4fc7e073b2ed1282
SHA15b2f01e3a2c2d63651013aebf3c6e58d8840bcfb
SHA256d19df13a12491fc2d569daa2cf0932e2d5592f38893aa814f2174afd93865292
SHA512cb8d2574cbce8a59064375ba7fcf328fe5467e1e6a37df6a73eb9410ba9badfe25de7f10703385b95274176f62b367601db170b1c99449daccfe25144b5db82e
-
Filesize
7KB
MD5c6733b5b49c95af35e5eeca5d8c42894
SHA1a3f7cfb3e0d81a175c9157f955bcaca9fc8de6f0
SHA25684138a697d9e0ccb1e24ca0ddf102bc2b14c2fcd806ba4c50eb280be7a05a43a
SHA51295c7f0e3d49dfdef24dc8d42cc5212de4d04a826252c0305c03c916df29fabc748ce8453371e57668db40ea75030af653132fe055727dcec886406d2df8a210b
-
Filesize
8KB
MD5d5cadfc75f47c9976fe1927b16c7f487
SHA1ab06a2cc1aeafa9ccd31a490058b1f593e16c61f
SHA256a71ccdee6f0c06d9d4129c14a3b2e2624250a724af3c4e6c071c38bbaa4f2a5b
SHA5122a8788db2aa53ec0f38873593b84a30a0586b92426d846b724631536c4fe782eb8d81503a32e3672afeb45619b9aa14d0ccf8ebe3875da3653189a6d1d53dec5
-
Filesize
6KB
MD5b4434830c4bd318dba6bd8cc29c9f023
SHA1a0f238822610c70cdf22fe08c8c4bc185cbec61e
SHA256272e290d97184d1ac0f4e4799893cb503fba8ed6c8c503767e70458cbda32070
SHA512f2549945965757488ecd07e46249e426525c8fe771f9939f009819183ab909d1e79cbb3aeca4f937e799556b83e891bbb0858b60f31ec7e8d2d8fbb4cb00b335
-
Filesize
2KB
MD5499d9e568b96e759959dc69635470211
SHA12462a315342e0c09fd6c5fbd7f1e7ff6914c17e6
SHA25698252dc9f9e81167e893f2c32f08ee60e9a6c43fadb454400ed3bff3a68fbf0d
SHA5123a5922697b5356fd29ccf8dcc2e5e0e8c1fd955046a5bacf11b8ac5b7c147625d31ade6ff17be86e79c2c613104b2d2aebb11557399084d422e304f287d8b905
-
Filesize
6KB
MD573424dfd5f0aa4bbd3753c2111308cf3
SHA1c4b9acb2964a8cdb1454ae866bb675200901ab10
SHA256a5ac9a359b09a5a2e76e40d97cf5e8e7bc8b2c96dbe4ce94a9ed4dcaa2d31550
SHA512a7329abcaea12a6f875f915aabf8039785571f54abb089c07b465a8bc334600788d46bbcd71d615b13180e09785183d1d833d98909c32ad07372dbc09808cc5d
-
Filesize
2KB
MD508d5b5d803c7ef6fb324382ff2ea204c
SHA147d27d8511ef8fa20cb9a57bd96405420dd33332
SHA25695d36aaa460e9b71e3bcabe5a15b705da2559e6934a0601518b3f3a9a30ae152
SHA5121488607fba0ea34f17d69292480a74ec3f6acb959cc38edb40469b1911dcbe054ff08b1a1b1d5d326529f91e3b451ad06c86f1faa5d55db7062345089cdf00ba
-
Filesize
152KB
MD5dd9bf8448d3ddcfd067967f01e8bf6d7
SHA1d7829475b2bd6a3baa8fabfaf39af57c6439b35e
SHA256fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72
SHA51265347df34378c2bbb34417e2cccfb3251a0b2412422cc190eed9df525b6e0a9948e0295ea3c33b3ad873ce81e369e89a138ac41d6eb7229546c3269107e661de
-
Filesize
1B
MD55058f1af8388633f609cadb75a75dc9d
SHA13a52ce780950d4d969792a2559cd519d7ee8c727
SHA256cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA5120b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21
-
Filesize
10KB
MD578e47dda17341bed7be45dccfd89ac87
SHA11afde30e46997452d11e4a2adbbf35cce7a1404f
SHA25667d161098be68cd24febc0c7b48f515f199dda72f20ae3bbb97fcf2542bb0550
SHA5129574a66d3756540479dc955c4057144283e09cae11ce11ebce801053bb48e536e67dc823b91895a9e3ee8d3cb27c065d5e9030c39a26cbf3f201348385b418a5