Resubmissions
26/03/2025, 13:56
250326-q8qmxsxr18 625/03/2025, 16:34
250325-t3db7asnz6 425/03/2025, 16:12
250325-tnkgyssmv2 7Analysis
-
max time kernel
100s -
max time network
96s -
platform
windows11-21h2_x64 -
resource
win11-20250313-en -
resource tags
-
submitted
26/03/2025, 13:56
General
-
Target
FirstLogonAnim.html
-
Size
101KB
-
MD5
d563f7a009fb7ac826c88dfd5cfe55d9
-
SHA1
92e3a38de7c6fae27bfb08f40c9d28780407c26f
-
SHA256
600d6151fe47eb99535638c7fed1183996d94ef603e0f8469383e058a3ed3f9f
-
SHA512
adf9f99b8419d4e1bf42be7a6128066df53d23359c319fe6ab3137811338778abaa2cb09d5411977edb9340491cc7a70a9c291fb2a2f6f8f2fb5270753903909
-
SSDEEP
768:5fDDI+fh378/tZ5vAiwf/ysFIVusFIVFDVgLRDVy18mCgLkm3y1km3gLRm3y1eDK:5bDIvwWxSAVUrhia
Malware Config
Signatures
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
-
Drops file in Windows directory 6 IoCs
-
Browser Information Discovery 1 TTPs
Enumerate browser information.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Modifies data under HKEY_USERS 2 IoCs
-
Modifies registry class 3 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 16 IoCs
-
Suspicious use of FindShellTrayWindow 52 IoCs
-
Suspicious use of SendNotifyMessage 24 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\FirstLogonAnim.html1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x240,0x244,0x248,0x23c,0x250,0x7ffde653f208,0x7ffde653f214,0x7ffde653f2202⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1900,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=2836 /prefetch:112⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2792,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=2784 /prefetch:22⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2220,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=2844 /prefetch:132⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3448,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=3532 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3456,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=3536 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=3988,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=4056 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --extension-process --renderer-sub-type=extension --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --always-read-main-dll --field-trial-handle=4064,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=4120 /prefetch:92⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --extension-process --renderer-sub-type=extension --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --always-read-main-dll --field-trial-handle=4192,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=4076 /prefetch:92⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --always-read-main-dll --field-trial-handle=4176,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=4252 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4196,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=4044 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5516,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=5532 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4536,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=4164 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5228,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=5444 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6180,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=6192 /prefetch:142⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\cookie_exporter.execookie_exporter.exe --cookie-json=11283⤵
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6248,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=6268 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6248,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=6268 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6344,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=6424 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6488,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=6432 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6040,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=6852 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6412,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=6832 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6876,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=7020 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6540,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=7128 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6552,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=6528 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --always-read-main-dll --field-trial-handle=6636,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=7224 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --instant-process --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --always-read-main-dll --field-trial-handle=6452,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=7264 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6496,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=6640 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --always-read-main-dll --field-trial-handle=6936,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=6440 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --always-read-main-dll --field-trial-handle=6548,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=7384 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --always-read-main-dll --field-trial-handle=6976,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=7236 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --always-read-main-dll --field-trial-handle=7576,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=7556 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --always-read-main-dll --field-trial-handle=6268,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=7688 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --always-read-main-dll --field-trial-handle=7868,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=7904 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --always-read-main-dll --field-trial-handle=7876,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=6508 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7908,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=7832 /prefetch:142⤵
- Modifies registry class
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7664,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=6580 /prefetch:122⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=8056,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=8180 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4612,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=8188 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=8176,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=8104 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4668,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=5500 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5304,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=4468 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5456,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=4640 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7652,i,5767791076055225909,7615403489418455667,262144 --variations-seed-version --mojo-platform-channel-handle=7372 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"1⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
105KB
MD58903e0119ea643a520b1324be85e4463
SHA1e4eec3c1d7ee44d7b20eb73e3b2545615e88a8f4
SHA256182210d7a522e6787d155b44377a7a0cba03ef90ede565f99bd32f66b6cbf5d4
SHA5124c22d7cc027cef46744bdcbae7d03442cfa6f928ca745ce9381f53b058e7e23381dcac7aeca87f621df39e2961891c9ea319be2de036d387affd5daf9b048920
-
Filesize
3KB
MD56bbb18bb210b0af189f5d76a65f7ad80
SHA187b804075e78af64293611a637504273fadfe718
SHA25601594d510a1bbc016897ec89402553eca423dfdc8b82bafbc5653bf0c976f57c
SHA5124788edcfa3911c3bb2be8fc447166c330e8ac389f74e8c44e13238ead2fa45c8538aee325bd0d1cc40d91ad47dea1aa94a92148a62983144fdecff2130ee120d
-
Filesize
280B
MD53efb63e67ef28723c53eaefd2605ff52
SHA13cd41db79d8e8ee874aa9d93ac40995958cf27bb
SHA2565c17d20ce9fc55d9c6e2e8ae389b5bad2e6d3463d7b16d816c02cd741e7550c5
SHA512f8b6b82db4f3aff8dd6ae18be8a581094b5516ee735c8c1618dae8c627da8bda54e68d413ceb3309b8c93bb93dbaf81dabd7de0037c4b2d5fd229416da6aa1d3
-
Filesize
280B
MD5ca53cefa89eda1561903f2cec58af742
SHA166cc43f787136e1070d79ae51e3fdd4c0ddf6159
SHA25632e69371ea4fce52c45992bcb31113c9ffb90016e93d0f5f9ec119caa8a8cee9
SHA512a71715ec9c429d3ffb4e59b4e995e6698187ff8cfb5b3096dac9f54f0a87d02cc97ed181cebe55043bee5a75834ad1f893b72d345210459e92efa95404ee70cf
-
Filesize
280B
MD516324d67eebfa38055529e9e5f1f9ef0
SHA1d8e94ea2c3d5a7f4e73880055b9247e1014c5c1d
SHA256aec06bcadf691e0d12402f0c8ac092df48f1c2b4b77dae27d10ec618d27f8e95
SHA512ce528cf5233a9f3b40367f45612e7e11eeb89aba427a7b353109fc742681e99c8368e217a0d51f882c31cb6f88cf02dc9e352a01b86863749929d71f78864f66
-
Filesize
3KB
MD55f65fdc33a9010612bc0a9ec728e0892
SHA1b413d8b3a28422cd826bec2b13dc35b190e032fb
SHA2566a31475a50b2cca409ee4b788b454f5204773c6f1b5eacda1964889c43fe8053
SHA5128189e24a11d1907c98f55bc5f5004f4fe9de3acd10728fee75e7eb2c2f3bf17b1ac68a726fe748661a4010b34ca2ef4a1c1a82985ecc03356106b0a1985cd879
-
Filesize
3KB
MD50dc815dd2a2f63e9c950657d99a4b08c
SHA15720b012c6ce98942ff7ca14b1c7373fe85cb8cb
SHA256ddf20ebe061604c2bb2add3c8a760d13402744d3969ff587ff7d83a2841974bb
SHA5126600fd7520345f29bd76c3edbf26ace3ba73ea66e319b8c73cee401f3bd01cc6e3f3c06e1bfddf7a5949167666640e4574e3d6363e8a72d5cd3d49c0d44ea5ee
-
Filesize
2B
MD599914b932bd37a50b983c5e7c90ae93b
SHA1bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA25644136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA51227c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
-
Filesize
69KB
MD5164a788f50529fc93a6077e50675c617
SHA1c53f6cd0531fd98d6abbd2a9e5fbb4319b221f48
SHA256b305e470fb9f8b69a8cd53b5a8ffb88538c9f6a9c7c2c194a226e8f6c9b53c17
SHA512ec7d173b55283f3e59a468a0037921dc4e1bf3fab1c693330b9d8e5826273c917b374c4b802f3234bbb5e5e210d55e52351426867e0eb8c9f6fba1a053cb05d4
-
Filesize
9KB
MD53d20584f7f6c8eac79e17cca4207fb79
SHA13c16dcc27ae52431c8cdd92fbaab0341524d3092
SHA2560d40a5153cb66b5bde64906ca3ae750494098f68ad0b4d091256939eea243643
SHA512315d1b4cc2e70c72d7eb7d51e0f304f6e64ac13ae301fd2e46d585243a6c936b2ad35a0964745d291ae9b317c316a29760b9b9782c88cc6a68599db531f87d59
-
Filesize
107KB
MD540e2018187b61af5be8caf035fb72882
SHA172a0b7bcb454b6b727bf90da35879b3e9a70621e
SHA256b3efd9d75856016510dd0bdb5e22359925cee7f2056b3cde6411c55ae8ae8ee5
SHA512a21b8f3f7d646909d6aed605ad5823269f52fda1255aa9bb4d4643e165a7b11935572bf9e0a6a324874f99c20a6f3b6d1e457c7ccd30adcac83c15febc063d12
-
Filesize
2KB
MD5142e65f47586fd8216ce305ad2c9f530
SHA1408857d5a5a63948e8267ba91043ca46ba5c1402
SHA256c9f84636af440b559c2bb59303778abeb1236a0adba03734c7eedb9a2d1f12fa
SHA512c4ce65dd0fbc9cbfd8e2351194aaef046337a8d26ac9697997d9d9164add142ec8c1f8bc0cb936475a916004a9a2acca87795e19fbfe66c70a48641955385338
-
Filesize
111B
MD5285252a2f6327d41eab203dc2f402c67
SHA1acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA2565dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA51211ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d
-
Filesize
2B
MD5d751713988987e9331980363e24189ce
SHA197d170e1550eee4afc0af065b78cda302a97674c
SHA2564f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
-
Filesize
13KB
MD5d92e3b13f96ad9cbd3442b08a6c31f84
SHA137eed8174411bfcbcdf2682418669452874a9cd7
SHA2566f33c8288ae842aa91159bff31d98046310bc00dfee2a703c5219b65ad2259fd
SHA512d02df8f3972693afbf582839e36518b5268728ea3a26221fabc2ff8a042dbdecea9a2507fe505332451ae5e8675a3e4efae9be0c8a83c3e287f21dd647da893b
-
Filesize
37KB
MD514de2820c22c518088fa9e4fa9b0c9ff
SHA1d4f36a773239754dd0f7cea9e812bf0369e2c028
SHA25696b51aef6d02798dfa3c319c25799f471e0965edb0bb5b6e6d9eef5d11e0dad0
SHA512daa6d639215f175400cdae43ac4a4c14326ffcdd3323c2f429d336749b350f1f5312289591c66ad8e3042dc000d286cf5bbcec6512324cfa998554fbe8b5dbe7
-
Filesize
4KB
MD56de57ab027afb55645b0b104651f4cd7
SHA1865a25ba822fc9d08432052c88add821afca610b
SHA25600dc336d622de67d3a0d381cfd01d839d8206c90dbeb98c0b467e79fb4f2fc2f
SHA51220678aef8befc28af746387c61fa679813da59f1ca11380cc61bdecd81128a28f948020f93c48edbb067da913a7da1ad83831a9d3ce28982418e3fc92f897982
-
Filesize
23KB
MD53a438491efc572435cd387e27c710b05
SHA16ad5f2e6c416bb4f0dfaba906784b114ad26b182
SHA256f0241e13154336c78dedb63cd2a0dcb939ca605173786c284cb1833c115c96a6
SHA512839f30dbbd89ccc6c02e221d21812e65777715bd01c69712ad50194dedce80314a51ef07785971577bed1edf3a4da6277911d2e506ca2eb801dbdc8f83a1ffec
-
Filesize
880B
MD5ecdafccad7d72ce164d394e84817bbb9
SHA138329f8c0e81aac094e9018b587b88c1fa370d1c
SHA2565cd5825e281ecf1d8b281d3f457cda2826c8c5445be53e895d0082a89fef6a8e
SHA512ae909c1e6e0d59eb01e631b84cd4ee30661d364765abac2703466a58c34edda8badb05069210e8d3d9c98d9ef124e284d67404d05bc507394ea12755b521f57c
-
Filesize
469B
MD53894e8f26f22c9da4485f97f7a9459fa
SHA1bf0f38c83a9a18c6c9a9b3e84abef2b84fe8b939
SHA25630bad5d9dea483baf5bc18776e37be679cc1deef151a89948dcedda2b585031f
SHA512051f59a0d0df045cf7f7f482a7d5fc622cb269277f2dc758abdc175e11712af2225783f42078a91cf1f8237161bb55c2a2fb648d8e74794412783ec86f67c0f3
-
Filesize
21KB
MD597ffbea42e9a0795865f12dedaa14292
SHA182b1a9a09d849ca8e55914ceb05677991729de10
SHA25684db83a7515ea99283ea322d6ae8a7e806287e7e98771a53a5d0e3ff362ecd16
SHA512884e56e3e7419a5ce22725d8b39b6d9424c882185762fe6ebb3a5c67d65e87b846ecce8a26491019acd3ba79641f489a32e20e2c7b99576315352cca1f5a13a4
-
Filesize
3KB
MD5c7569efb2fa9fe93c0ea2f0896f54036
SHA1e231c700b778b624f6065b035e5803fdd8b4db4b
SHA2562422f055fd21adce7a027c3eaab1bbc474345a26cb1b9762b3d7572ebde67d3f
SHA512c394da9a75cca87f6e20cb2abbc2e087d3e374b613bbc960f255ebfc8f01d4349fc8a487ec56ff8141f47566cf021dc33196e42b6295ce5399ff78e5ce4b066f
-
Filesize
39KB
MD5132bd557b7cc19f9cb6fd39d4a2b0da8
SHA1d55ed931be21364723645c3ab34808cdbd74b6b1
SHA256e6b8c37afa670d220335cd4a450eabc188203f7ef819918ae45050f43cc21aeb
SHA5125d35411d808b86f3ac5107b6f2cb47d6f890f192a29a119e67af14574b0a45e37efdedec4363f7625605c190fdabc1f2d21e901f19f7c106b7c360addfe85974
-
Filesize
6KB
MD5396f169d2a793d48c54fd71d8420657c
SHA17afee8353db6676c57927a66b7ffea5fbca6ba2f
SHA2568f5c1add1ebbfa842b8ff09530a2821fc56161b147e14df4c0e40923a0a92376
SHA512efb288daee96641810fb28f72257d2182bce6c551bab8e977ddb3545b62739b84644faca9282e27b97a2cbe4b6ed865c20ed38f7c484671cb9190a301c6e6cc1
-
Filesize
7KB
MD5a1ced4a2456df7df21a0f592211428c6
SHA1f5a6b6c02311b298b853a813f4766d925507cc27
SHA2569346cb387361c67e6d68c8d050142cd5977e669533274c1376c74985639b1fe3
SHA512aeb6ecfc09cf787df5367a60064363d3ddf7dd6c7a6c7461f7b52d089490607546dad0d5f06c039fe196e61297914de2c6a9e53eca1c7ea6d6bced68d80794b4
-
Filesize
30KB
MD5abffe4a97cf4ac4b162a44d79e898b1d
SHA10e1701f8b5600f2e4e194a2a2f4c9c0ec7be86e3
SHA2563141e08341a476a3d41f1d2ede43eb8aa4d9cf7bb67dc4ec8420d461a97e5cad
SHA512cfe77d778af428aa0c8d16c2344c5f5ef9724e46cfbfb90483affa4a471ec302cdc1b4fa4c8b1af0fb786ae6f5df796e3d49a2e37d96bdebfb822fbf067adda3
-
Filesize
392B
MD5814be0266f767692feaf4133a391d1c4
SHA149b7bd7f4c044f71ac93156a9cce5e7c9837932b
SHA256952e97fea0ad69f2f8c260a594d05922725d7e7803be388ec3c25f19c0d1d474
SHA512fef5f39ba3c598cf32f59531d5896e8119b415e7ec70b3a7b4d71f08118c723db2362947266bdb0ba3ed89c9393ba5d4385a4146a8bd50c88e20a425224b738a
-
Filesize
392B
MD55c7735228248b4867142a99b7ef761f3
SHA1375d239f93a15419a80b105421a8e4be174acdf1
SHA256bc933a9dcef2fe734e2eee756adcfedf2fe7555c3fd90fb47a9f66af083bf4d6
SHA5128b5839fa319b0de4a4648167f57b40280c5eb55804cc6a8fd17a64b9ef551f8823a73f685e99284a1c4ce4fedb9aad1126726f791821eccbdb44c709f3834eb4
-
Filesize
392B
MD5804118d87e4dab3a3e185d34bccedecc
SHA12aa8a2ec2dba67429c0ca8b4f39730fc7bd7db6d
SHA2569501a596c895eaac66da18da4e3fa2d65b33eeb969e4914e0bdbb40427a7ae20
SHA512255ce09d762332f5a766c88bdd24f1b18e8250ceaab5e47a739bd3faec93636964e5bbee801c2252958a442d30c1af8b367f15d651b797cbb147c4136c2ee6a8
-
Filesize
392B
MD5a6b0e05c10efbaa5014ed6a97aa7b848
SHA16db88290bbe3f1d9740b493c3e6d8d2062203924
SHA25693a1a628612f29582ba24d90c21fedfa1d45e678dfca5417a7860e975865fb4a
SHA51202a451de830e093a9150bf6cbdef0aabe4873df42d69d1b2f5653eb63bf9cb526a0c6f671eedf4ce887e7ae07eeb0db48d05b4f82f6cdb40be528864c541d3f0
-
Filesize
392B
MD538e34d20f1b185b04cc1b5e321178760
SHA1e04bd6710f2afb31c6919d5f7e42eeae5c2e92be
SHA2565c4c6ed6ba4632369f51a70511145d0fce700fd9597cb9bfa57a50409fe38f7a
SHA512cef34eaabbbab75240be684c93e22e362c64621cdac0ed9bca7d3b096d23298a0162eb698036e2c76286dbd63f978c84e989e9113fb9f062aa81f75ce528b119
-
Filesize
392B
MD512553b84ea2f94557f68efebe741edf6
SHA1514746cbcdfdbbb6f12e7ebe2a3a5342df8bbd37
SHA25687394fc0be4644180825eb17ae2547ace6c3f01841e2f45af19ab2d8072254b9
SHA51239a04a7cc8cc536e918beabc33f104110cc3eceb3b60ca1a52f45a326666d76c8b61add8fde7b4f33a9bcd31b52b883e66c23ef04ded8108889b7ea8b9d4db49
-
Filesize
10KB
MD578e47dda17341bed7be45dccfd89ac87
SHA11afde30e46997452d11e4a2adbbf35cce7a1404f
SHA25667d161098be68cd24febc0c7b48f515f199dda72f20ae3bbb97fcf2542bb0550
SHA5129574a66d3756540479dc955c4057144283e09cae11ce11ebce801053bb48e536e67dc823b91895a9e3ee8d3cb27c065d5e9030c39a26cbf3f201348385b418a5
-
Filesize
1B
MD55058f1af8388633f609cadb75a75dc9d
SHA13a52ce780950d4d969792a2559cd519d7ee8c727
SHA256cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA5120b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21
-
Filesize
152KB
MD5dd9bf8448d3ddcfd067967f01e8bf6d7
SHA1d7829475b2bd6a3baa8fabfaf39af57c6439b35e
SHA256fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72
SHA51265347df34378c2bbb34417e2cccfb3251a0b2412422cc190eed9df525b6e0a9948e0295ea3c33b3ad873ce81e369e89a138ac41d6eb7229546c3269107e661de
-
Filesize
134B
MD558d3ca1189df439d0538a75912496bcf
SHA199af5b6a006a6929cc08744d1b54e3623fec2f36
SHA256a946db31a6a985bdb64ea9f403294b479571ca3c22215742bdc26ea1cf123437
SHA512afd7f140e89472d4827156ec1c48da488b0d06daaa737351c7bec6bc12edfc4443460c4ac169287350934ca66fb2f883347ed8084c62caf9f883a736243194a2
-
Filesize
43B
MD5af3a9104ca46f35bb5f6123d89c25966
SHA11ffb1b0aa9f44bdbc57bdf4b98d26d3be0207ee8
SHA25681bd82ac27612a58be30a72dd8956b13f883e32ffb54a58076bd6a42b8afaeea
SHA5126a7a543fa2d1ead3574b4897d2fc714bb218c60a04a70a7e92ecfd2ea59d67028f91b6a2094313f606560087336c619093f1d38d66a3c63a1d1d235ca03d36d1