hxxps://shourt[.]at/hpcVf

Resubmissions

28/03/2025, 10:27

250328-mg376awqy4 4

28/03/2025, 10:09

250328-l65a3swpv9 7

Analysis

max time kernel
209s
max time network
208s
platform
windows10-2004_x64
resource
win10v2004-20250314-en
resource tags

arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
submitted
28/03/2025, 10:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://shourt.at/hpcVf

Score

7^/10

discovery execution motw phishing

Malware Config

Signatures

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-3975168204-1612096350-4002976354-1000\Control Panel\International\Geo\Nation	WScript.exe

Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs

phishing motw

flow	ioc	pid	Process
767	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html	4048	msedge.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\lt\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\fil\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\ur\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\af\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\kk\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\am\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\mn\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1590789179\manifest.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_2036314561\deny_etld1_domains.list	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_327744350\manifest.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_327744350\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\offscreendocument_main.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\es_419\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1590789179\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_2036314561\deny_domains.list	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\ta\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\mr\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\km\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\fr_CA\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\zh_TW\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\de\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\hu\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\is\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\hr\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\ka\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\te\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\cs\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\my\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\zu\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\gu\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1590789179\LICENSE	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\manifest.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\et\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\be\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\kn\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\fa\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\hy\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_690790272\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\bn\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\gl\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\ms\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\ar\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\en_GB\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\az\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_690790272\manifest.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1225041159\manifest.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\service_worker_bin_prod.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\page_embed_script.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\ja\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\id\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_2036314561\deny_full_domains.list	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_2036314561\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1225041159\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\lv\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\bg\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\sv\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_176892234\sets.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\ne\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\ru\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_metadata\verified_contents.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\ml\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\th\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1995739703\_locales\eu\messages.json	msedge.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks SCSI registry key(s) 3 TTPs 3 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A	taskmgr.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName	taskmgr.exe

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	msedge.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133876302040661272"	msedge.exe

Modifies registry class 3 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3975168204-1612096350-4002976354-1000\{EACEB251-3FD6-49F8-BD19-F204CEFC90E6}	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3975168204-1612096350-4002976354-1000_Classes\Local Settings	msedge.exe

Suspicious behavior: EnumeratesProcesses 9 IoCs

pid	Process
7152	msedge.exe
7152	msedge.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 49 IoCs

pid	Process
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe

Suspicious use of AdjustPrivilegeToken 3 IoCs

description	pid	Process
Token: SeDebugPrivilege	976	taskmgr.exe
Token: SeSystemProfilePrivilege	976	taskmgr.exe
Token: SeCreateGlobalPrivilege	976	taskmgr.exe

Suspicious use of FindShellTrayWindow 55 IoCs

pid	Process
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe

Suspicious use of SendNotifyMessage 42 IoCs

pid	Process
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
5344	msedge.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe
976	taskmgr.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5344 wrote to memory of 2444	5344	msedge.exe	86
PID 5344 wrote to memory of 2444	5344	msedge.exe	86
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 4048	5344	msedge.exe	87
PID 5344 wrote to memory of 4048	5344	msedge.exe	87
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5268	5344	msedge.exe	88
PID 5344 wrote to memory of 5900	5344	msedge.exe	89
PID 5344 wrote to memory of 5900	5344	msedge.exe	89
PID 5344 wrote to memory of 5900	5344	msedge.exe	89
PID 5344 wrote to memory of 5900	5344	msedge.exe	89
PID 5344 wrote to memory of 5900	5344	msedge.exe	89
PID 5344 wrote to memory of 5900	5344	msedge.exe	89
PID 5344 wrote to memory of 5900	5344	msedge.exe	89
PID 5344 wrote to memory of 5900	5344	msedge.exe	89
PID 5344 wrote to memory of 5900	5344	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://shourt.at/hpcVf
1⤵
- Drops file in Program Files directory
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x23c,0x240,0x244,0x238,0x264,0x7ffe9cf2f208,0x7ffe9cf2f214,0x7ffe9cf2f220
  2⤵
  PID:2444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1928,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=2316 /prefetch:3
  2⤵
  - Mark of the Web detected: This indicates that the page was originally saved or cloned.
  PID:4048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2280,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=2276 /prefetch:2
  2⤵
  PID:5268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2512,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=3088 /prefetch:8
  2⤵
  PID:5900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3512,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=3544 /prefetch:1
  2⤵
  PID:5004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3532,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=3556 /prefetch:1
  2⤵
  PID:5012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=4992,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=5004 /prefetch:1
  2⤵
  PID:4792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --always-read-main-dll --field-trial-handle=3580,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=3612 /prefetch:1
  2⤵
  PID:4272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5216,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=3708 /prefetch:8
  2⤵
  PID:3500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5224,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=4908 /prefetch:8
  2⤵
  PID:4356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5600,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=5628 /prefetch:8
  2⤵
  PID:5800
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5744,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=5700 /prefetch:8
  2⤵
  PID:32
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5744,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=5700 /prefetch:8
  2⤵
  PID:3420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6060,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=5024 /prefetch:8
  2⤵
  PID:1020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5084,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=6176 /prefetch:8
  2⤵
  PID:4412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --always-read-main-dll --field-trial-handle=4816,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=5976 /prefetch:1
  2⤵
  PID:4544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --always-read-main-dll --field-trial-handle=3680,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=3616 /prefetch:1
  2⤵
  PID:6120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --instant-process --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --always-read-main-dll --field-trial-handle=6156,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=4776 /prefetch:1
  2⤵
  PID:5692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4976,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=3716 /prefetch:8
  2⤵
  PID:4508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6356,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=5008 /prefetch:8
  2⤵
  PID:3632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3700,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=4944 /prefetch:8
  2⤵
  PID:4264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --always-read-main-dll --field-trial-handle=4908,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=5276 /prefetch:1
  2⤵
  PID:4608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --always-read-main-dll --field-trial-handle=5404,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=5384 /prefetch:1
  2⤵
  PID:4784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --always-read-main-dll --field-trial-handle=5488,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=6772 /prefetch:1
  2⤵
  PID:4700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6708,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=4296 /prefetch:8
  2⤵
  PID:5996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --always-read-main-dll --field-trial-handle=5348,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=5416 /prefetch:1
  2⤵
  PID:1712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --always-read-main-dll --field-trial-handle=6884,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=6908 /prefetch:1
  2⤵
  PID:3720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=2116,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=3608 /prefetch:8
  2⤵
  PID:1200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --always-read-main-dll --field-trial-handle=6688,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=3688 /prefetch:1
  2⤵
  PID:2124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --always-read-main-dll --field-trial-handle=5408,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=3704 /prefetch:1
  2⤵
  PID:220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --always-read-main-dll --field-trial-handle=7312,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=7620 /prefetch:1
  2⤵
  PID:5216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --always-read-main-dll --field-trial-handle=7668,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=7300 /prefetch:1
  2⤵
  PID:2452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --always-read-main-dll --field-trial-handle=7700,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=7712 /prefetch:1
  2⤵
  PID:5828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --always-read-main-dll --field-trial-handle=7172,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=7844 /prefetch:1
  2⤵
  PID:4264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --always-read-main-dll --field-trial-handle=7160,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=7956 /prefetch:1
  2⤵
  PID:4588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --always-read-main-dll --field-trial-handle=7480,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=8012 /prefetch:1
  2⤵
  PID:3200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --always-read-main-dll --field-trial-handle=7464,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=8088 /prefetch:1
  2⤵
  PID:5840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --always-read-main-dll --field-trial-handle=8260,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=8236 /prefetch:1
  2⤵
  PID:4832
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --always-read-main-dll --field-trial-handle=8480,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=8464 /prefetch:1
  2⤵
  PID:100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=8624,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=8600 /prefetch:8
  2⤵
  PID:2072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --always-read-main-dll --field-trial-handle=8460,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=8584 /prefetch:1
  2⤵
  PID:4888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --always-read-main-dll --field-trial-handle=756,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=8664 /prefetch:1
  2⤵
  PID:768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --always-read-main-dll --field-trial-handle=8776,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=8760 /prefetch:1
  2⤵
  PID:5976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --always-read-main-dll --field-trial-handle=9100,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=9040 /prefetch:1
  2⤵
  PID:816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --always-read-main-dll --field-trial-handle=9276,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=9256 /prefetch:1
  2⤵
  PID:4424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --always-read-main-dll --field-trial-handle=9408,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=9432 /prefetch:1
  2⤵
  PID:5176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --always-read-main-dll --field-trial-handle=9580,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=9592 /prefetch:1
  2⤵
  PID:5092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --always-read-main-dll --field-trial-handle=9616,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=9280 /prefetch:1
  2⤵
  PID:3096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --always-read-main-dll --field-trial-handle=9412,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=9888 /prefetch:1
  2⤵
  PID:2704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --always-read-main-dll --field-trial-handle=10032,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=10056 /prefetch:1
  2⤵
  PID:2372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --always-read-main-dll --field-trial-handle=9380,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=10184 /prefetch:1
  2⤵
  PID:2040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --always-read-main-dll --field-trial-handle=10352,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=10368 /prefetch:1
  2⤵
  PID:4856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --always-read-main-dll --field-trial-handle=9564,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=8468 /prefetch:1
  2⤵
  PID:6224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --always-read-main-dll --field-trial-handle=9048,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=10420 /prefetch:1
  2⤵
  PID:6292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --always-read-main-dll --field-trial-handle=5692,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=10728 /prefetch:1
  2⤵
  PID:6356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --always-read-main-dll --field-trial-handle=9284,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=10888 /prefetch:1
  2⤵
  PID:6440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --always-read-main-dll --field-trial-handle=11028,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=11040 /prefetch:1
  2⤵
  PID:6448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --always-read-main-dll --field-trial-handle=11188,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=11212 /prefetch:1
  2⤵
  PID:6568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --always-read-main-dll --field-trial-handle=11336,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=11084 /prefetch:1
  2⤵
  PID:6620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --always-read-main-dll --field-trial-handle=11480,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=11500 /prefetch:1
  2⤵
  PID:6628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --always-read-main-dll --field-trial-handle=10188,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=11716 /prefetch:1
  2⤵
  PID:6744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --always-read-main-dll --field-trial-handle=11316,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=11764 /prefetch:1
  2⤵
  PID:6808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --always-read-main-dll --field-trial-handle=11868,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=11632 /prefetch:1
  2⤵
  PID:6920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --always-read-main-dll --field-trial-handle=11492,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=10440 /prefetch:1
  2⤵
  PID:1148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5260,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=11540 /prefetch:8
  2⤵
  PID:2704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=11936,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=10404 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:7152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=10476,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=3388 /prefetch:8
  2⤵
  PID:6924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=11904,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=3484 /prefetch:8
  2⤵
  PID:6180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4036,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=9784 /prefetch:8
  2⤵
  PID:1752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=10172,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=7376 /prefetch:8
  2⤵
  PID:5176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --always-read-main-dll --field-trial-handle=8592,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=11976 /prefetch:1
  2⤵
  PID:3304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=11568,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=11448 /prefetch:8
  2⤵
  PID:4272
- C:\Windows\System32\WScript.exe
  "C:\Windows\System32\WScript.exe" "C:\Users\Admin\Downloads\Сканований документ_044.pdf.js"
  2⤵
  - Checks computer location settings
  PID:2176
- - C:\Windows\System32\wscript.exe
    "C:\Windows\System32\wscript.exe" "C:\Users\Admin\Downloads\Сканований документ_044.pdf.js" /elevated
    3⤵
    PID:5680
- - C:\Windows\System32\wscript.exe
    "C:\Windows\System32\wscript.exe" "C:\Users\Admin\Downloads\Сканований документ_044.pdf.js" /elevated
    3⤵
    PID:6156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6348,i,222612032189664707,7597884349808030901,262144 --variations-seed-version --mojo-platform-channel-handle=6068 /prefetch:8
  2⤵
  PID:5852

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:3412

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
1⤵
PID:5852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
  2⤵
  PID:3452

C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
1⤵
- Checks SCSI registry key(s)
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:976

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1225041159\manifest.json

Filesize
118B

MD5
3e4993f878e658507d78f52011519527

SHA1
2fce50683531c5c985967a71f90d62ab141707df

SHA256
a2fb35b03e24f5ba14cbe0e3c3d8cb43588e93f048878b066fd1d640ef8e59cb

SHA512
9d24ef876ac989e50e9d4d06732a4c4f61e12df366b3d4e5ff93d6a60badac36c3e55e7f13c2539ecb525017490a887fc56580ef8e83483019041ad9b13358d5

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1590789179\LICENSE

Filesize
1KB

MD5
ee002cb9e51bb8dfa89640a406a1090a

SHA1
49ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2

SHA256
3dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b

SHA512
d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping5344_1590789179\manifest.json

Filesize
79B

MD5
7f4b594a35d631af0e37fea02df71e72

SHA1
f7bc71621ea0c176ca1ab0a3c9fe52dbca116f57

SHA256
530882d7f535ae57a4906ca735b119c9e36480cbb780c7e8ad37c9c8fdf3d9b1

SHA512
bf3f92f5023f0fbad88526d919252a98db6d167e9ca3e15b94f7d71ded38a2cfb0409f57ef24708284ddd965bda2d3207cd99c008b1c9c8c93705fd66ac86360

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping5344_176892234\manifest.json

Filesize
85B

MD5
c3419069a1c30140b77045aba38f12cf

SHA1
11920f0c1e55cadc7d2893d1eebb268b3459762a

SHA256
db9a702209807ba039871e542e8356219f342a8d9c9ca34bcd9a86727f4a3a0f

SHA512
c5e95a4e9f5919cb14f4127539c4353a55c5f68062bf6f95e1843b6690cebed3c93170badb2412b7fb9f109a620385b0ae74783227d6813f26ff8c29074758a1

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping5344_2036314561\manifest.json

Filesize
176B

MD5
6607494855f7b5c0348eecd49ef7ce46

SHA1
2c844dd9ea648efec08776757bc376b5a6f9eb71

SHA256
37c30639ea04878b9407aecbcea4848b033e4548d5023ce5105ea79cab2c68dd

SHA512
8cb60725d958291b9a78c293992768cb03ff53ab942637e62eb6f17d80e0864c56a9c8ccafbc28246e9ce1fdb248e8d071d76764bcaf0243397d0f0a62b4d09a

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping5344_327744350\manifest.json

Filesize
53B

MD5
22b68a088a69906d96dc6d47246880d2

SHA1
06491f3fd9c4903ac64980f8d655b79082545f82

SHA256
94be212fe6bcf42d4b13fabd22da97d6a7ef8fdf28739989aba90a7cf181ac88

SHA512
8c755fdc617fa3a196e048e222a2562622f43362b8ef60c047e540e997153a446a448e55e062b14ed4d0adce7230df643a1bd0b06a702dc1e6f78e2553aadfff

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping5344_690790272\manifest.fingerprint

Filesize
66B

MD5
496b05677135db1c74d82f948538c21c

SHA1
e736e675ca5195b5fc16e59fb7de582437fb9f9a

SHA256
df55a9464ee22a0f860c0f3b4a75ec62471d37b4d8cb7a0e460eef98cb83ebe7

SHA512
8bd1b683e24a8c8c03b0bc041288296448f799a6f431bacbd62cb33e621672991141c7151d9424ad60ab65a7a6a30298243b8b71d281f9e99b8abb79fe16bd3c

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping5344_690790272\manifest.json

Filesize
134B

MD5
049c307f30407da557545d34db8ced16

SHA1
f10b86ebfe8d30d0dc36210939ca7fa7a819d494

SHA256
c36944790c4a1fa2f2acec5f7809a4d6689ecb7fb3b2f19c831c9adb4e17fc54

SHA512
14f04e768956bdd9634f6a172104f2b630e2eeada2f73b9a249be2ec707f4a47ff60f2f700005ca95addd838db9438ad560e5136a10ed32df1d304d65f445780

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\AutoLaunchProtocolsComponent\1.0.0.9\protocols.json

Filesize
3KB

MD5
f9fd82b572ef4ce41a3d1075acc52d22

SHA1
fdded5eef95391be440cc15f84ded0480c0141e3

SHA256
5f21978e992a53ebd9c138cb5391c481def7769e3525c586a8a94f276b3cd8d6

SHA512
17084cc74462310a608355fbeafa8b51f295fb5fd067dfc641e752e69b1ee4ffba0e9eafa263aab67daab780b9b6be370dd3b54dd4ba8426ab499e50ff5c7339

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
65044109d1beb8ed8d59560642cbc519

SHA1
0084485b0aa26069232fab51ee603682e8edfd17

SHA256
a1e0b448218678b30356cbbe4092ea091435e7450822a9748361b6e8b198962d

SHA512
96dcc68fe92f98c4329a8335cfffdb0849a52562431045ccc42076bda0abf3842491303fb669246bfd04e64113688d3f90000a09571dd76ff84b52e34e45f9b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000c0

Filesize
70KB

MD5
638b28824ff7d2a8b5eca31267ffaf3d

SHA1
51c91fb5de5248d6dbbe194565231c4bbbc197fb

SHA256
a2477313b8f9735a83fff20ff6624d26a13c893601a3cf6148bc997022913011

SHA512
0eb506d4d9f7bf3aef60dc2d69135a1eb6c9748eca15f721cf5310a7bfe131e21c3504dd75ad986ddfcde907cedd8522caa64845de1794000c2fe7a477189af5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000c1

Filesize
19KB

MD5
2e86a72f4e82614cd4842950d2e0a716

SHA1
d7b4ee0c9af735d098bff474632fc2c0113e0b9c

SHA256
c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

SHA512
7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000c2

Filesize
64KB

MD5
d6b36c7d4b06f140f860ddc91a4c659c

SHA1
ccf16571637b8d3e4c9423688c5bd06167bfb9e9

SHA256
34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92

SHA512
2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000c3

Filesize
65KB

MD5
56d57bc655526551f217536f19195495

SHA1
28b430886d1220855a805d78dc5d6414aeee6995

SHA256
f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4

SHA512
7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000e4

Filesize
97KB

MD5
c23b7eb0fd7cce42baccdcf452258a04

SHA1
6f2369a93de91b9b5d00ecf3826b64c951d3bc42

SHA256
19ce28591ac4fa0f34876fde1788180065e3d8c8f7da5352868b1628acee7177

SHA512
a54932e3a1400ed9f45c1012ad494213be48db890a8ba0c69828193b651fc562415bc279d9bb77b834eaaea5f81dc09fce577221bca411cdfa07ddc1f8b29b94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
ead5da27cfed76437eb0f7b665bbf940

SHA1
e566376b9958e423a93d10cfcefa26718fa3f38a

SHA256
7c64619fd13bc0f86224a6430a57a45ca0578ae335ffb6476758d9400278bdd4

SHA512
6d09ccc86c774a59ee303ddea96def5347aa9315d95c0e27fa9aa9078ee6a78607c6f4876db3c4b115b13733d29cc605c94028812871d6bed330ded0714105ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
7KB

MD5
25701d606636c61223a588d9428ff55a

SHA1
bc824ee0183d137eb3e6e2b5706eb6088fb2ef1a

SHA256
6d95d6d9f3a51720b36e2f23045f9294da60ed95422bf4b9e1043f371edcf91b

SHA512
f3f5954786035248215caf8d73f9c6916b40fb9a0496884fcf035598ae0d43a3239c557fddeeee43147f3946605b7bbd2360ecc3de8220288432655e4c934c9b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
7KB

MD5
23a36329cd01b32cf8fab8f49f133346

SHA1
96677c7fe00e3ac6e64101fb67f2f7ae8f7fa4c8

SHA256
9b4fdea50cde8592374566deaa0dd2531f8d76a7f408767c492af9145a4b77ab

SHA512
2967f9162f145eebd1cb3650dc0f581fda5abf52c027eb9ddcd480c8f66e2d535607cbbb3889025840265aab70b414bc87ef8dab0737c8e371886a3c792425e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe581c6c.TMP

Filesize
3KB

MD5
0cf842d9cb1950fb57251f5bbf2b94ea

SHA1
bd52d27fc37701964f1ca37c3829729d77ece70f

SHA256
ec1da0d6e5a32b4de1e720d02d4043441c340ee7bcd9faac42576b793ad4326f

SHA512
215eb2a2e9bc57807f452ee61f7b3fb339a7288e60538f49bc2b2d0e65ef94e21b3eef709b052a1cfa90ea049fe551f6d1fce5a2661dce6c9dd5c3d9b513749f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps

Filesize
107KB

MD5
40e2018187b61af5be8caf035fb72882

SHA1
72a0b7bcb454b6b727bf90da35879b3e9a70621e

SHA256
b3efd9d75856016510dd0bdb5e22359925cee7f2056b3cde6411c55ae8ae8ee5

SHA512
a21b8f3f7d646909d6aed605ad5823269f52fda1255aa9bb4d4643e165a7b11935572bf9e0a6a324874f99c20a6f3b6d1e457c7ccd30adcac83c15febc063d12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ntp.msn.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ntp.msn.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
3baa05636c725df6cdd73c8871492051

SHA1
e02abb9f04673723c5eb69856c5700e16a6dedf3

SHA256
52da39fad4da632e81d51ea66b0f135940187e80921f8a9fb8385da029e38d29

SHA512
a8da2622e24c0bef3a49b0040722d64e6122bc7fe932c56e9a5b96c40612fff825c8c572e47a40ccaf969f1ef6e30b40e466ad4a1eae179981f704a39290513d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
27KB

MD5
190afee38df537b8d874024a3407d542

SHA1
f54db04c7a64dda7772c133bb0e4549da10b5350

SHA256
b5682ce6025e08da893aab7abaa12586cf0b09855b650910ecc59e684a74549a

SHA512
021feaf10bb710b866249d4a866c8ba25ad3784e08b995bf01ff89b8a44a63b1a2ed73b3ed1a37c9f8f3e751c32c2dabf52b7b9cd2928bea18727ce221a9d57d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
27KB

MD5
58e3a620ba81d3ed1a3e02c7daba85f6

SHA1
f8218dee989228eb7bff56afac1bdc9d683d30f1

SHA256
d58f46e02f08a045ee2b7c1c6870ba54595f17c3bc6fce3d14afadcfe05066d5

SHA512
8b6f6d8287259ed03b6733835f15a9a38ebe5dcd07d4ed996ab688149450258670c2563503e718f0f99c5a41cb7953a70fc968d9384879d3d417b4f04652fd72

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

Filesize
211B

MD5
a3dd15892b9223e2c8fa24ea28607090

SHA1
2986786a09776db2b4d9f39d97cb1b55963f9716

SHA256
a942426c622f400a2c283783ea5cc8f06a00ef262042de7b1a3390f0b7e13a73

SHA512
b54b432decf5f607cdffdbf02c0c2aaa6fecb0ea02cdd212429718d9b1e9b21716e8af66a88141f60dddea72614a5af65ae5e6bccab9fb55776758e5607aa3fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

Filesize
40B

MD5
20d4b8fa017a12a108c87f540836e250

SHA1
1ac617fac131262b6d3ce1f52f5907e31d5f6f00

SHA256
6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

SHA512
507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
50dbcb9f9a64c3b390cf19c7192971b9

SHA1
bc9c788df78f955a29585173ee60251d49c9bdf8

SHA256
85be1c8e2e25bcdb6b2ba488da7e8fbfa9608c3283bd460ef907b31ccd9fe128

SHA512
6f7e76a10b7692c6b7d70a84817076c0b434b2f8d093e6dfabf3501633548de8bb230b773ab0a7f6c0144043ebd75d211dca5b5a8843dfb68d642197a5b62fc4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
27f5741bd28d1561b710e39f5772b735

SHA1
2a0a152cebad46e44280488fdee044a173b27177

SHA256
7e04c4a4a95ff827b49fda7c5f6ccb7d96751397fe3c18897f9cdbd7a0ce8420

SHA512
7f727029170f2b5ac0eb1cb387c76f43d4b0f913c08875229c3207a70174bbe474c62e980730e31e8d79c76ea48aef457dd21e6ef7bbb5dcb106756edc2e9106

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
29KB

MD5
78bd47cb5855b1293785cef697639632

SHA1
d038a02f03979e8f48f2dc29f592743a3d5947d2

SHA256
1a215dfd5d2bc063f8699c696fa03c9f456637088d1976cb98acf70f6a105218

SHA512
965894a1797a8a6ad60d941c9a36528999d83f92f4180accbae3e0accfcc319c172c72a155beef9f62dc19e3c0878d1574883bddae33480878e7c02b19cb1f91

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
36KB

MD5
18f2a66da85971e8e159d89fc6fba23d

SHA1
e1016f724bd79f39ebb3e67c3970ddb9dd03a7b6

SHA256
9ee72d5fdc7e5dd45a742b5a7406ce092bf32268da6355de51194c138b2c0476

SHA512
1ab3abb2febab3e6f78f26b86530cc84347c621571af5767d3c79485fca3746dff679cf77113c2daf67a9d99ec8eba599ef1641f40d770236298d309fb2865d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\0664cb19-ad22-4ed4-b2cd-7c7d2d8a1310\index-dir\the-real-index

Filesize
72B

MD5
48ac639173ffdfb42a764b132962ebed

SHA1
3b8620e7f76f5d16b79307cb293c37e68608c558

SHA256
801257b6a2d2bda9c4022f5aee1206d36ea07ef9e6d8c068da77c556dc8daab5

SHA512
dfd2b96bd2e8014616eae9f499ecba3d69c23f0996659660a0fb624f046e7da8d6a3def4c6a01cf13c683e2435558eb90008be517a0010cf06593c7479d8f1ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\0664cb19-ad22-4ed4-b2cd-7c7d2d8a1310\index-dir\the-real-index~RFe57fb86.TMP

Filesize
72B

MD5
a12c84229af8c0c9b8c3a33e68bff7f3

SHA1
fecbd6cd81a9203a3bd7d1ec18566c523b1bfaf2

SHA256
dd291a24ba501ee2785ee26522bbcd8626b990bd40542a8a6a334ca1315e9621

SHA512
ffb8157beb2f09daae5f052a46c98e05071a072eb322ea693a8f88f21113c6b7a36222eb1b23c0a85495c5359a5cc57eba20e04592397554e5251fa29eb81c0c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\1a52410a-f4f5-4d88-9809-bfcc57e3d614\index-dir\the-real-index

Filesize
96B

MD5
82b8b43ea9d6cd9bc7bd29aa1e0663d0

SHA1
2eb5e96b7a35db9f211e01451502aed0f1fca831

SHA256
75b925b48f4b9808155bafc99c9f95cc06416af4294138deb3e8221deafc51d1

SHA512
4253286c28dd3f0d0dcb6cb1e52b89c7dd253a3be5f15b9874bb018bc316b4b234f089544368514a7352d2f28252e392c0d9e676c09d6c882cddf848592d51df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\1a52410a-f4f5-4d88-9809-bfcc57e3d614\index-dir\the-real-index~RFe580a6b.TMP

Filesize
48B

MD5
e8ac42a992e35df8636665bba63875c9

SHA1
5bb567993bc32836f7dffcab03c91fdfcd00bf65

SHA256
58c845e2176d9d3841f4e717d295744d2bde3ae233e0b60470f115bd6e4bb4b1

SHA512
5704b07f4c71281b3b2cd31ddd95c3a0569dd060ab4e83ad013dbc71df9dd594c3216a8bd0a66b65704440e5a4cce04ab1ebee12ef4e79f4f3d91fa538adc834

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\b063b10c-aa74-40e9-8097-2e7a6b21975e\index-dir\the-real-index

Filesize
2KB

MD5
752441ae6c25b85e0faa08a45ce1b5e3

SHA1
a7abf4348c8b606f12ae7163ddb9df9b6df31aac

SHA256
80a10fb6cd8aa1b0014964ccbac80e23170ff1f809796e668c33dbe5462a3b98

SHA512
b2e2ec9698b39457f6b744d984c1571829ba861e296d7d0920384f78a6969af28bb6a71d054f18a8e09d38178ddece4cc29f894c94ab52f3c73712a565a2c5df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\b063b10c-aa74-40e9-8097-2e7a6b21975e\index-dir\the-real-index~RFe58076d.TMP

Filesize
2KB

MD5
fedfe9b78cac37aa2f74f8c8fcf51878

SHA1
d300dc74fe6fb0acf10e437372225b5aeb04ecf9

SHA256
ed18b7ea6c59c118dece32a36078b3335ca712331f0d24c761fab7a1c926ce15

SHA512
b7d36bbda2b1541edd02d23e80e712cf4fc29a243e0d86d169166d851a8306e4ce213795e883339966f5703694a2d85be640d293bc9c47c35fdb0c597fdf09ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\b90a9dce-b22a-4b5b-8760-65ac93bf0dcf\index-dir\the-real-index

Filesize
72B

MD5
28593c33f046991e0f545efb21234f5a

SHA1
2131cccf164a4d0abceb0727799dbd7a41a14b15

SHA256
be9813b48458ba2525d2c388d82f47f0fbdb92202dfec498820393d77b5717b6

SHA512
5114590ea8a4b9c3d00aa63cac2ed72efed62c8dd18cb6e7211274d81667c9f2c1034daaa2809246540da934608165576fae92e1e96e86af141d65a3cc04a532

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt

Filesize
322B

MD5
3b68e232eb32355cbcb9b498955f77aa

SHA1
8edb484b2555fbc3f3f773ceb20e0b9cc61a559b

SHA256
00249445ba7e644c9c588c5eaf4cbf395f2aa2c2c27748de788eaeb7d3af5384

SHA512
58c85ab4417f66bad2e982361fb85cf92ee24074b5df8139fce8816259efe5034cd3be9e60071c1fac0de4296a2dfb0f263d348a78d58959c627b785dcc29b63

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt

Filesize
327B

MD5
2393307c72e1b0368bc8d39a7a4f9d82

SHA1
63f868d4b69d0a14cf46bceb66890eda89f96b6e

SHA256
6242d4b2b0688d97c692482008a85417d6930f06f603c1ae9c4cb52314f35433

SHA512
6dfd12a8064ca202e519c17f8bcfa0d049f3d2b3bd1b5578e76481e716444b1ee3467d5836a313d25bad9c32a53048bd0051dacfcc2aa54560af6860ef44253d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
7297817029f1a21890db553dcafaad40

SHA1
4bd46f95db87d13b5c47bab25142aed0d0626725

SHA256
4815d57e1c302cb5cdb611b14a6a3ea4a56a5f422843a593b43b8f6656e30267

SHA512
8f2700c84c9f6e66f998a7b8284e9011108f779636839aef308bbe86e06fb0603334ac93de73b992c4610451b5be455b13912a4836a6eb298e8bd26108103f4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe580347.TMP

Filesize
72B

MD5
5dcda71779747804b941fd1f53fd510d

SHA1
44d2f2b151267dac142788f8923156465ba69bb9

SHA256
23d9d3991aa37e69f8cf5c762482b36991bb275556625bfcb643947f2dfea0d7

SHA512
54b1287b6d64ba8cf89872139ddbbf9f863771130b671ad5cf1b8c398b3f1056f4ac90aa79f39ebbc302ff6a0d29854ddfc6a97c7dbe6f1c8741e94b966d4065

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

Filesize
23KB

MD5
404a58363e404df76ee75448bef055a7

SHA1
a8c1268f645297e6bcdf483fc44073113eb8d1a9

SHA256
930ff0e7217c4d3c1ca906df68fc3e5390d026421e1785389625315c719bc396

SHA512
be4ad86e2f5bf3a6ca20645a8d41a8c234bf381bd944b4895098350e5af6d438e401c1de29537cd3063d7c2a3ef82dc0a2108266488c91613f92502ac47d6166

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\EADPData Component\4.0.3.10\data.txt

Filesize
113KB

MD5
60beb7140ed66301648ef420cbaad02d

SHA1
7fac669b6758bb7b8e96e92a53569cf4360ab1aa

SHA256
95276c09f44b28100c0a21c161766eda784a983f019fc471290b1381e7ed9985

SHA512
6dfa4eca42aea86fba18bc4a3ab0eed87948ea1831e33d43426b3aca1816070ecb7fd024856ad571ca2734214a98cc55e413502b3deef2c4a101228a7377e9d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
467B

MD5
77efe9fed8f9c7e0d9d0719a869b2bb6

SHA1
2bd1ff3cd0b97bc74edbe996df45e4831f6eab3d

SHA256
78a2b683379507ea2705b3c3334d7104f966da83c10a23ad0ff94a4f9f135213

SHA512
d24faa55788733c2eccd8672fc45d474a4544b08ea21f948a766348ec95c2f3cef06229586443cdccf3dad39fc2ef6648523af7738457c750f918b2945c85365

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
900B

MD5
c4ac470187c7e0d827883de088e81f9f

SHA1
c8cb25b55e34c7360ed3c286bb2dc4a725a5e912

SHA256
fa3d44c061058d321fe1332160dc27ff13a7fecd6a8f2c8358422dfe1fcd3a03

SHA512
9bb2e397ec47087d278f170a48d0db5280c17729ec90a8f337524b341de8ba0e4a8b7de5f1bfc04b7d8950c49b6696c25061dcfb5ea04ca2f463a70110f37c85

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
23KB

MD5
6ea2e2a98f64e5cea42566f69c3a346f

SHA1
f28b86ad861202627c1788dfadae9ac5beed669d

SHA256
fec34c96f301fade4a875b8582534e8b34ddb306f437ca875221342309ad282a

SHA512
4c76ab9de96ffb872be08dc967aaf2cf3c397121501601f99fb0ad174e25348ebf758b58bf7e3a8a02b4b22fde81ce6565b6e33aab97469e6e0a891244a85f29

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig

Filesize
19KB

MD5
41c1930548d8b99ff1dbb64ba7fecb3d

SHA1
d8acfeaf7c74e2b289be37687f886f50c01d4f2f

SHA256
16cee17a989167242dd7ee2755721e357dd23bcfcb61f5789cc19deafe7ca502

SHA512
a684d61324c71ac15f3a907788ab2150f61e7e2b2bf13ca08c14e9822b22336d0d45d9ff2a2a145aa7321d28d6b71408f9515131f8a1bd9f4927b105e6471b75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
55KB

MD5
1e9acda64cd6e9e67242d72a8fb26119

SHA1
02223f9d5cfc1d9d2b46fe2b5d48f284e316d042

SHA256
cc27ff47e89e51f830207c2c1c92a18a3cb008cba6510ccd90baf1550b45aa76

SHA512
f24bc0f4f87be8cdc4a6b858df88e79ff713807f73eb9405cf9c6063ddf45d65b1538e1ac02a7e86d3e9b1f2ed630d89f2d733b2202eee3e5dbf6dcc02c1ee21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
55KB

MD5
21609dfe45441edb3e485e0c611179e5

SHA1
79b893f747005e06a99f4f16ad37c60f6675fbdc

SHA256
8271e0c78e731e9fd5d7d4e591bdeba04ed8e691cd759556d362273c72334927

SHA512
81a2e6d04f208642cbea99e00147cdccadae86287cf188f09ebf23e07489531b5ddfbb76b9fcc34d17feb175368e7f5df29a2e78ba00cc7714babdf28bb79b61

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
40KB

MD5
1644f43648196e6730653a01b3209239

SHA1
907c8e494c1a24d070936fc7dfc4552b54e3490f

SHA256
4cd983003abb0b2b80870668808c1ef6400aed6055d3d044e2087e60bccd8239

SHA512
bc4d7b3291566c905b8c0ed83b8872822b17eb43a75566c883afcc5c4c4f02f496003414cf18bcf2a26cbd46291fc3f7c2e76a6b3ae5ce7517ffd3a05bbe37aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
40KB

MD5
93eb0754236b9f06f406015ec9082475

SHA1
d23531c5e059d1b6caf12db4a7788c5bca2b6cec

SHA256
bac7dd41d36dc6e135fcc8b1876b1cab5a70aebbdc9c26cb4685961fe5711eef

SHA512
0fd3bd491eb20e9ae1e5ef3781bf93e38b546fe2321f6297055ea54623ee0a2534bb89127c32c937b561ddce2cc9742198cf09b6889555abc31dc92f187923ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter

Filesize
392B

MD5
f19dea0d546bd25a7a9e39a5a43e266a

SHA1
cbb5eec744d11477cc9486076f9da533f3350fa4

SHA256
b161b55dd76609871f7fcbdca6bb225d15b5230f3e5da89495204c476a2a28cf

SHA512
836cae64b8b180fdc031740439fbee010340043918f9293060edf6cf78817ce5425e8ef7e22cec8e0271c9adaa095124918deab853ee5ab0dfa629f1ec95b62c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter

Filesize
392B

MD5
49edd2293ec673b67be2049eb8ba7195

SHA1
3d9fca726ecfbe5a7cf83b67bd4cf8bf2dac638c

SHA256
ea06eb5df21feba40d27e0255c27d77dd1fbb3c72cd09ce228184b25604a50d5

SHA512
9152318a4c3cb74ce29d8037b4d97ef87482a1f4d54763feca01835491d13811028db5e7cd18315040f3c04f3187cba6c8de45f6cc2517efeaa1755c286eabd1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter

Filesize
392B

MD5
5a5191978e79e33b9d37fa649aba6acc

SHA1
34528ad824c1e40417e6c918828039449a10da8a

SHA256
cc1e0f3506d6b9299b9bba4a22188894d961801fa4b818eb7f68c6e0b45584c9

SHA512
db4b37a1591d7ea591e034476f5566373661479bf6441fe280a4fb5e928e321194a828a15c8a641a073503e7ca2a51302d1345eee267c397b47466d33d766d07

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter~RFe587923.TMP

Filesize
392B

MD5
8c73f05698dc67d8b9782d58ea55e14a

SHA1
e8703f84fe4043aa700cafa75a958a6eca400b6a

SHA256
6523b5ceb349b311ddf6a5d29cce90f3234c4aef2cf813ace53d6d9b701fc5c8

SHA512
a9b050f48528f41651789193fdeee067ebdee4115432992f82b0e6816790439240541cba714d6012b1f177ee6b76fdd7b4a763462f15e783d63dd1b7a0abe779

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\TrustTokenKeyCommitments\2025.1.17.1\keys.json

Filesize
6KB

MD5
bef4f9f856321c6dccb47a61f605e823

SHA1
8e60af5b17ed70db0505d7e1647a8bc9f7612939

SHA256
fd1847df25032c4eef34e045ba0333f9bd3cb38c14344f1c01b48f61f0cfd5c5

SHA512
bdec3e243a6f39bfea4130c85b162ea00a4974c6057cd06a05348ac54517201bbf595fcc7c22a4ab2c16212c6009f58df7445c40c82722ab4fa1c8d49d39755c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Typosquatting\2025.3.28.1\typosquatting_list.pb

Filesize
628KB

MD5
bd5eeb9c4b00955e5a0f6a332d78cdef

SHA1
cf9e85ae41cf1ef2385a73ef36ebeb3c3378ea3a

SHA256
dbbea874b4b73aeb3ad17355c90f692767a947516481f158b7319f7c43f0e657

SHA512
2cfa521120dd1ab9c2cc90b74cd8d3f6f8991a086bd2dc1b9d225b08aeca8420f565e047f551ddf6d2149cfb02e4ce69b641e328a774dde7017ad374fd58eb96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\extensions_crx_cache\ghbmnnjooekpmoecnnnilnnbdlolhkhi_1.fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

Filesize
152KB

MD5
dd9bf8448d3ddcfd067967f01e8bf6d7

SHA1
d7829475b2bd6a3baa8fabfaf39af57c6439b35e

SHA256
fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

SHA512
65347df34378c2bbb34417e2cccfb3251a0b2412422cc190eed9df525b6e0a9948e0295ea3c33b3ad873ce81e369e89a138ac41d6eb7229546c3269107e661de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

Filesize
2KB

MD5
1e36d664121b528ba6b481fed74a141e

SHA1
88c00150e35cdbcb3ae20b696dd2fd8aa6486922

SHA256
cc69bd8bd1887efbcf1ba93bd8929d424636bd6b0302839acad15c29b1a0a762

SHA512
00ce7e3606e960a78d5b193f979834f54c76e45ae268c0475410a19012c36e1e53bacb1e96c0858c1c324cad85b271f962d37f12e38a4c6b58fa212929fa5b1d

Download Submit
C:\Users\Admin\Downloads\Сканований документ_044.pdf.js.crdownload

Filesize
2.1MB

MD5
b85284da7ae704d161cecd657e75887a

SHA1
f2d8409624feab5f451b0ceb20f11a4ab515a33e

SHA256
fa0679448daeda578e4b457f7db1856ffa0855f573a41deab456808bb92cc06f

SHA512
a311b925413e4f10e6ffbf03ef17ba94d8da29ea55476b5ac25997ccd889a6865898b128397708756918f0237086fdd30a0a68c9a48f7473ae7ded0134536f45

Download Submit
memory/976-2237-0x000002B4DAE00000-0x000002B4DAE01000-memory.dmp

Filesize
4KB

Download
memory/976-2235-0x000002B4DAE00000-0x000002B4DAE01000-memory.dmp

Filesize
4KB

Download
memory/976-2247-0x000002B4DAE00000-0x000002B4DAE01000-memory.dmp

Filesize
4KB

Download
memory/976-2246-0x000002B4DAE00000-0x000002B4DAE01000-memory.dmp

Filesize
4KB

Download
memory/976-2245-0x000002B4DAE00000-0x000002B4DAE01000-memory.dmp

Filesize
4KB

Download
memory/976-2244-0x000002B4DAE00000-0x000002B4DAE01000-memory.dmp

Filesize
4KB

Download
memory/976-2243-0x000002B4DAE00000-0x000002B4DAE01000-memory.dmp

Filesize
4KB

Download
memory/976-2242-0x000002B4DAE00000-0x000002B4DAE01000-memory.dmp

Filesize
4KB

Download
memory/976-2241-0x000002B4DAE00000-0x000002B4DAE01000-memory.dmp

Filesize
4KB

Download
memory/976-2236-0x000002B4DAE00000-0x000002B4DAE01000-memory.dmp

Filesize
4KB

Download