hxxp://sdd | Triage

Analysis

max time kernel
297s
max time network
293s
platform
windows10-2004_x64
resource
win10v2004-20250314-en
resource tags

arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
submitted
28/03/2025, 20:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://sdd

Score

6^/10

discovery motw phishing

Malware Config

Signatures

Mark of the Web detected: This indicates that the page was originally saved or cloned. 3 IoCs

phishing motw

flow	ioc	pid	Process
164	https://stake-errors.pages.dev/ip-blocked	2444	msedge.exe
164	https://stake-errors.pages.dev/ip-blocked	2444	msedge.exe
164	https://stake-errors.pages.dev/ip-blocked	2444	msedge.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1391416636\edge_checkout_page_validator.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\km\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\vi\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\fa\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1091561284\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1967245499\hyph-bg.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1967245499\hyph-cu.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1967245499\hyph-gl.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1133977696\Filtering Rules-CA	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\hr\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\af\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\lt\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\gu\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1981392972\manifest.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1967245499\hyph-mr.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1133977696\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1391416636\edge_driver.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\ro\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\tr\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\pa\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1278385896\manifest.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1967245499\hyph-el.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1967245499\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1133977696\Part-IT	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1391416636\edge_tracking_page_validator.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\eu\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\ta\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\fil\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1967245499\hyph-be.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1967245499\hyph-es.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1967245499\hyph-pa.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1967245499\hyph-und-ethi.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1391416636\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\lv\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\cy\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_709232098\LICENSE	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1967245499\hyph-de-1901.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1967245499\hyph-hi.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1967245499\_metadata\verified_contents.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1391416636\edge_confirmation_page_validator.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\offscreendocument.html	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\zh_HK\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_14664557\data.txt	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1967245499\hyph-fr.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1967245499\hyph-it.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1967245499\hyph-mn-cyrl.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\ka\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\sv\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\sw\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_metadata\verified_contents.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_606526800\manifest.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1967245499\hyph-sv.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\da\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\de\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\sl\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_709232098\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1278385896\typosquatting_list.pb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1278385896\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\page_embed_script.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\pl\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\cs\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\ru\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5332_258021686\_locales\es\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping1240_709232098\_metadata\verified_contents.json	msedge.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Checks processor information in registry 2 TTPs 4 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	msedge.exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133876676480316931"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	msedge.exe

Modifies registry class 5 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-308834014-1004923324-1191300197-1000\{F09B1E27-79A5-4ED2-94F5-8A7F91357F37}	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-308834014-1004923324-1191300197-1000\{41218760-4DF8-4804-83CD-CFFFA7D063FE}	msedge.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-308834014-1004923324-1191300197-1000\{C590E227-C206-49C2-AD7A-610DAC101166}	msedge.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1240	msedge.exe
1240	msedge.exe
2416	msedge.exe
2416	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 22 IoCs

pid	Process
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2808	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	2808	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe
5332	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5332 wrote to memory of 5580	5332	msedge.exe	89
PID 5332 wrote to memory of 5580	5332	msedge.exe	89
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 2444	5332	msedge.exe	90
PID 5332 wrote to memory of 2444	5332	msedge.exe	90
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5532	5332	msedge.exe	91
PID 5332 wrote to memory of 5560	5332	msedge.exe	92
PID 5332 wrote to memory of 5560	5332	msedge.exe	92
PID 5332 wrote to memory of 5560	5332	msedge.exe	92
PID 5332 wrote to memory of 5560	5332	msedge.exe	92
PID 5332 wrote to memory of 5560	5332	msedge.exe	92
PID 5332 wrote to memory of 5560	5332	msedge.exe	92
PID 5332 wrote to memory of 5560	5332	msedge.exe	92
PID 5332 wrote to memory of 5560	5332	msedge.exe	92
PID 5332 wrote to memory of 5560	5332	msedge.exe	92

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://sdd
1⤵
- Drops file in Program Files directory
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x23c,0x240,0x244,0x238,0x268,0x7ffc1c05f208,0x7ffc1c05f214,0x7ffc1c05f220
  2⤵
  PID:5580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1908,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=2444 /prefetch:3
  2⤵
  - Mark of the Web detected: This indicates that the page was originally saved or cloned.
  PID:2444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2416,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=2404 /prefetch:2
  2⤵
  PID:5532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2488,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=2948 /prefetch:8
  2⤵
  PID:5560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3456,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=3484 /prefetch:1
  2⤵
  PID:4752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3476,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=3528 /prefetch:1
  2⤵
  PID:4808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --instant-process --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=4804,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=4796 /prefetch:1
  2⤵
  PID:3716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --always-read-main-dll --field-trial-handle=5164,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=5204 /prefetch:1
  2⤵
  PID:1564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5420,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=5012 /prefetch:8
  2⤵
  PID:468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --always-read-main-dll --field-trial-handle=5836,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=5860 /prefetch:1
  2⤵
  PID:1620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --always-read-main-dll --field-trial-handle=5000,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=5892 /prefetch:1
  2⤵
  PID:224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --always-read-main-dll --field-trial-handle=5996,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=6200 /prefetch:1
  2⤵
  PID:4916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6012,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=5972 /prefetch:8
  2⤵
  PID:5076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4324,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=5952 /prefetch:8
  2⤵
  PID:3120
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6384,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=6408 /prefetch:8
  2⤵
  PID:2988
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6384,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=6408 /prefetch:8
  2⤵
  PID:4852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6632,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=6652 /prefetch:8
  2⤵
  PID:868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --always-read-main-dll --field-trial-handle=3904,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=6368 /prefetch:1
  2⤵
  PID:2536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --always-read-main-dll --field-trial-handle=3912,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=6652 /prefetch:1
  2⤵
  PID:268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --always-read-main-dll --field-trial-handle=6408,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=6676 /prefetch:1
  2⤵
  PID:2160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --always-read-main-dll --field-trial-handle=120,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=7180 /prefetch:1
  2⤵
  PID:5068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --always-read-main-dll --field-trial-handle=7152,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=7448 /prefetch:1
  2⤵
  PID:5844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4792,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=7512 /prefetch:8
  2⤵
  PID:888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6788,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=7496 /prefetch:8
  2⤵
  PID:3812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7484,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=7288 /prefetch:8
  2⤵
  PID:660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --always-read-main-dll --field-trial-handle=7512,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=7116 /prefetch:1
  2⤵
  PID:1972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --always-read-main-dll --field-trial-handle=7476,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=6864 /prefetch:1
  2⤵
  PID:4540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --always-read-main-dll --field-trial-handle=7456,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=7208 /prefetch:1
  2⤵
  PID:4744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --always-read-main-dll --field-trial-handle=7620,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=7572 /prefetch:1
  2⤵
  PID:5556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --always-read-main-dll --field-trial-handle=5176,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=2588 /prefetch:1
  2⤵
  PID:4960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --always-read-main-dll --field-trial-handle=6796,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=7176 /prefetch:1
  2⤵
  PID:4472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --always-read-main-dll --field-trial-handle=5248,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=7248 /prefetch:1
  2⤵
  PID:4832
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --always-read-main-dll --field-trial-handle=7276,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=6140 /prefetch:1
  2⤵
  PID:3948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7952,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=6776 /prefetch:8
  2⤵
  PID:4952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7984,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=8012 /prefetch:8
  2⤵
  - Modifies registry class
  PID:4968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6288,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=6208 /prefetch:8
  2⤵
  PID:5448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --always-read-main-dll --field-trial-handle=7784,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=6716 /prefetch:1
  2⤵
  PID:3916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5636,i,11150920437008522537,7350985045709272088,262144 --variations-seed-version --mojo-platform-channel-handle=2964 /prefetch:8
  2⤵
  PID:2320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
  2⤵
  - Drops file in Program Files directory
  - Checks processor information in registry
  - Enumerates system info in registry
  - Modifies data under HKEY_USERS
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:1240
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x23c,0x240,0x244,0x238,0x280,0x7ffc1c05f208,0x7ffc1c05f214,0x7ffc1c05f220
    3⤵
    PID:1404
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2168,i,4344216527432416131,5794267541560515569,262144 --variations-seed-version --mojo-platform-channel-handle=2164 /prefetch:2
    3⤵
    PID:2612
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1828,i,4344216527432416131,5794267541560515569,262144 --variations-seed-version --mojo-platform-channel-handle=2204 /prefetch:3
    3⤵
    PID:3900
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2380,i,4344216527432416131,5794267541560515569,262144 --variations-seed-version --mojo-platform-channel-handle=2936 /prefetch:8
    3⤵
    PID:3304
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4000,i,4344216527432416131,5794267541560515569,262144 --variations-seed-version --mojo-platform-channel-handle=3792 /prefetch:8
    3⤵
    PID:2616
- - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4184,i,4344216527432416131,5794267541560515569,262144 --variations-seed-version --mojo-platform-channel-handle=4228 /prefetch:8
    3⤵
    PID:2416
- - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4184,i,4344216527432416131,5794267541560515569,262144 --variations-seed-version --mojo-platform-channel-handle=4228 /prefetch:8
    3⤵
    PID:2956
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=564,i,4344216527432416131,5794267541560515569,262144 --variations-seed-version --mojo-platform-channel-handle=4628 /prefetch:8
    3⤵
    PID:5376
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4444,i,4344216527432416131,5794267541560515569,262144 --variations-seed-version --mojo-platform-channel-handle=4656 /prefetch:8
    3⤵
    PID:3784
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4432,i,4344216527432416131,5794267541560515569,262144 --variations-seed-version --mojo-platform-channel-handle=4708 /prefetch:8
    3⤵
    PID:4952
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4172,i,4344216527432416131,5794267541560515569,262144 --variations-seed-version --mojo-platform-channel-handle=4396 /prefetch:8
    3⤵
    PID:4036
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4948,i,4344216527432416131,5794267541560515569,262144 --variations-seed-version --mojo-platform-channel-handle=4244 /prefetch:8
    3⤵
    PID:4448
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4912,i,4344216527432416131,5794267541560515569,262144 --variations-seed-version --mojo-platform-channel-handle=4396 /prefetch:8
    3⤵
    PID:6052
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4832,i,4344216527432416131,5794267541560515569,262144 --variations-seed-version --mojo-platform-channel-handle=4920 /prefetch:8
    3⤵
    PID:5636
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=4964,i,4344216527432416131,5794267541560515569,262144 --variations-seed-version --mojo-platform-channel-handle=4100 /prefetch:8
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2416
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4856,i,4344216527432416131,5794267541560515569,262144 --variations-seed-version --mojo-platform-channel-handle=4860 /prefetch:8
    3⤵
    PID:4132
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4300,i,4344216527432416131,5794267541560515569,262144 --variations-seed-version --mojo-platform-channel-handle=4072 /prefetch:8
    3⤵
    PID:2840
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=2716,i,4344216527432416131,5794267541560515569,262144 --variations-seed-version --mojo-platform-channel-handle=3964 /prefetch:8
    3⤵
    PID:4052
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3964,i,4344216527432416131,5794267541560515569,262144 --variations-seed-version --mojo-platform-channel-handle=4540 /prefetch:8
    3⤵
    PID:4236
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4012,i,4344216527432416131,5794267541560515569,262144 --variations-seed-version --mojo-platform-channel-handle=3196 /prefetch:8
    3⤵
    PID:5952

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:4788

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
1⤵
PID:6016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
  2⤵
  PID:5220

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x394 0x45c
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2808

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:4284

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1091561284\manifest.json

Filesize
176B

MD5
6607494855f7b5c0348eecd49ef7ce46

SHA1
2c844dd9ea648efec08776757bc376b5a6f9eb71

SHA256
37c30639ea04878b9407aecbcea4848b033e4548d5023ce5105ea79cab2c68dd

SHA512
8cb60725d958291b9a78c293992768cb03ff53ab942637e62eb6f17d80e0864c56a9c8ccafbc28246e9ce1fdb248e8d071d76764bcaf0243397d0f0a62b4d09a

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1133977696\manifest.json

Filesize
116B

MD5
2188c7ec4e86e29013803d6b85b0d5bb

SHA1
5a9b4a91c63e0013f661dfc472edb01385d0e3ce

SHA256
ac47cc331bb96271da2140941926a8accc6cb7599a6f3c17bd31c78f46709a62

SHA512
37c21eaff24a54c2c7571e480ff4f349267e4404111508f241f54a41542ce06bcde4c830c6e195fc48d1bf831ed1fe78da361d1e43416cfd6c02afa8188af656

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1391416636\manifest.json

Filesize
145B

MD5
465cc76a28cc5543a0d845a8e8dd58fa

SHA1
adbe272f254fd8b218fcc7c8da716072ea29d8ba

SHA256
e75fb1fa1692e9720166872afe6d015e4f99d4e8725463e950889a55c4c35bb9

SHA512
a00286cd50d908883a48f675d6291881ad8809dcae5aca55d5d581e6d93a66058e1fe9e626852bf16e5bb0c693a088a69d9876ccac288181b1f74254bf1da1a2

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping1240_14664557\manifest.json

Filesize
53B

MD5
22b68a088a69906d96dc6d47246880d2

SHA1
06491f3fd9c4903ac64980f8d655b79082545f82

SHA256
94be212fe6bcf42d4b13fabd22da97d6a7ef8fdf28739989aba90a7cf181ac88

SHA512
8c755fdc617fa3a196e048e222a2562622f43362b8ef60c047e540e997153a446a448e55e062b14ed4d0adce7230df643a1bd0b06a702dc1e6f78e2553aadfff

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1967245499\hyph-as.hyb

Filesize
703B

MD5
8961fdd3db036dd43002659a4e4a7365

SHA1
7b2fa321d50d5417e6c8d48145e86d15b7ff8321

SHA256
c2784e33158a807135850f7125a7eaabe472b3cfc7afb82c74f02da69ea250fe

SHA512
531ecec11d296a1ab3faeb2c7ac619da9d80c1054a2ccee8a5a0cd996346fea2a2fee159ac5a8d79b46a764a2aa8e542d6a79d86b3d7dda461e41b19c9bebe92

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1967245499\hyph-hi.hyb

Filesize
687B

MD5
0807cf29fc4c5d7d87c1689eb2e0baaa

SHA1
d0914fb069469d47a36d339ca70164253fccf022

SHA256
f4df224d459fd111698dd5a13613c5bbf0ed11f04278d60230d028010eac0c42

SHA512
5324fd47c94f5804bfa1aa6df952949915896a3fc77dccaed0eeffeafe995ce087faef035aecea6b4c864a16ad32de00055f55260af974f2c41afff14dce00f3

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1967245499\hyph-nb.hyb

Filesize
141KB

MD5
677edd1a17d50f0bd11783f58725d0e7

SHA1
98fedc5862c78f3b03daed1ff9efbe5e31c205ee

SHA256
c2771fbb1bfff7db5e267dc7a4505a9675c6b98cfe7a8f7ae5686d7a5a2b3dd0

SHA512
c368f6687fa8a2ef110fcb2b65df13f6a67feac7106014bd9ea9315f16e4d7f5cbc8b4a67ba2169c6909d49642d88ae2a0a9cd3f1eb889af326f29b379cfd3ff

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1967245499\manifest.json

Filesize
82B

MD5
2617c38bed67a4190fc499142b6f2867

SHA1
a37f0251cd6be0a6983d9a04193b773f86d31da1

SHA256
d571ef33b0e707571f10bb37b99a607d6f43afe33f53d15b4395b16ef3fda665

SHA512
b08053050692765f172142bad7afbcd038235275c923f3cd089d556251482b1081e53c4ad7367a1fb11ca927f2ad183dc63d31ccfbf85b0160cf76a31343a6d0

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1981392972\LICENSE

Filesize
1KB

MD5
ee002cb9e51bb8dfa89640a406a1090a

SHA1
49ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2

SHA256
3dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b

SHA512
d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1981392972\keys.json

Filesize
6KB

MD5
bef4f9f856321c6dccb47a61f605e823

SHA1
8e60af5b17ed70db0505d7e1647a8bc9f7612939

SHA256
fd1847df25032c4eef34e045ba0333f9bd3cb38c14344f1c01b48f61f0cfd5c5

SHA512
bdec3e243a6f39bfea4130c85b162ea00a4974c6057cd06a05348ac54517201bbf595fcc7c22a4ab2c16212c6009f58df7445c40c82722ab4fa1c8d49d39755c

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping1240_1981392972\manifest.json

Filesize
79B

MD5
7f4b594a35d631af0e37fea02df71e72

SHA1
f7bc71621ea0c176ca1ab0a3c9fe52dbca116f57

SHA256
530882d7f535ae57a4906ca735b119c9e36480cbb780c7e8ad37c9c8fdf3d9b1

SHA512
bf3f92f5023f0fbad88526d919252a98db6d167e9ca3e15b94f7d71ded38a2cfb0409f57ef24708284ddd965bda2d3207cd99c008b1c9c8c93705fd66ac86360

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping5332_606526800\manifest.fingerprint

Filesize
66B

MD5
496b05677135db1c74d82f948538c21c

SHA1
e736e675ca5195b5fc16e59fb7de582437fb9f9a

SHA256
df55a9464ee22a0f860c0f3b4a75ec62471d37b4d8cb7a0e460eef98cb83ebe7

SHA512
8bd1b683e24a8c8c03b0bc041288296448f799a6f431bacbd62cb33e621672991141c7151d9424ad60ab65a7a6a30298243b8b71d281f9e99b8abb79fe16bd3c

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping5332_606526800\manifest.json

Filesize
134B

MD5
049c307f30407da557545d34db8ced16

SHA1
f10b86ebfe8d30d0dc36210939ca7fa7a819d494

SHA256
c36944790c4a1fa2f2acec5f7809a4d6689ecb7fb3b2f19c831c9adb4e17fc54

SHA512
14f04e768956bdd9634f6a172104f2b630e2eeada2f73b9a249be2ec707f4a47ff60f2f700005ca95addd838db9438ad560e5136a10ed32df1d304d65f445780

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\AutoLaunchProtocolsComponent\1.0.0.9\protocols.json

Filesize
3KB

MD5
f9fd82b572ef4ce41a3d1075acc52d22

SHA1
fdded5eef95391be440cc15f84ded0480c0141e3

SHA256
5f21978e992a53ebd9c138cb5391c481def7769e3525c586a8a94f276b3cd8d6

SHA512
17084cc74462310a608355fbeafa8b51f295fb5fd067dfc641e752e69b1ee4ffba0e9eafa263aab67daab780b9b6be370dd3b54dd4ba8426ab499e50ff5c7339

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
cc005441d70d209b3fe009d96a3ee18a

SHA1
902e4eee2498a20b54d9f1ad777a2f30d213bb92

SHA256
6670b8a68b4db8f2f2abad2b5b44b64569ff6e999fb2b362e799469737152c7c

SHA512
5ca3fd844e69d028ea0650367539d88353084688d82c947117ccb9ecfba2a013a32f5745a06aae2855789661f0734e5dbadc6d1f3289a0261cdf67da7ed0db87

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
01cc3a42395638ce669dd0d7aba1f929

SHA1
89aa0871fa8e25b55823dd0db9a028ef46dfbdd8

SHA256
d0c6ee43e769188d8a32f782b44cb00052099222be21cbe8bf119469c6612dee

SHA512
d3b88e797333416a4bc6c7f7e224ba68362706747e191a1cd8846a080329473b8f1bfebee5e3fe21faa4d24c8a7683041705e995777714330316e9b563d38e41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\455d0a45-13fb-4b25-a1c7-6fe164d75bdd.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_0

Filesize
80KB

MD5
86d2a12fc859148605c02ca5c544e140

SHA1
36437f3a9ec342aa11f0bfaf4f22e5e289c8b119

SHA256
080d6248c8e537f36baacf2d2a74e741dcfb0926cc7c507b6db99d5973411a8b

SHA512
d2ee38d1bf0ee318dab4f995870e3c274b0dcf2ede5509297bf0af352e8819391c5e2bd0a379f9754b1e4ff64bc6dfbd4fcfbbac4dab193ea47813fb7a1cbf26

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_1

Filesize
776KB

MD5
b6415e46d4d5d577b85248c8dcfb2306

SHA1
47b8559bf7259382318e46f10827b4dfe4fd7300

SHA256
158ae9969001128be6bd734765451fc369685ced95504ea53425c646c6bb0f4a

SHA512
ade4fa7bd757af98a39d6333d6b3e32342d715aba3767e9bb86c3a3dc271535f6c40234e02be5c2dc996cfdaefdd40350d876a2e45cf901c79eb8e3ee366dbae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_2

Filesize
2.0MB

MD5
2694259b3ad308009879ccc219be096b

SHA1
19c51b9a90962bfdb67f857c6ece1b6aa49b231b

SHA256
1f3cb706e014202f9af9bb80451b8375c8c82ba29b1576f9e957f0989bea02fb

SHA512
d252364174769bd7ed72f843b4b86a68f5faa7022f25fb174f68d5eaa32f306163be58e25cbb4f89f5efb160c3ea92a8853c4edcc11d134fdebbcdb3b2f4dbd4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_3

Filesize
16.0MB

MD5
1c2ddd53db28d5f0ab4a24ca533caee4

SHA1
7d62c32f12dfea769643be6b8fa4c36db5dc7dbc

SHA256
a0959603722c71c77b523ded8319ee224f0ab6f783621202cf4b593a545b78a4

SHA512
211adfacd2a943041aaece158bc3b0ea3467d6e31885fb675986065af55c030e4a3f328bc697100a24431e91b7158ac00b49ef64ef6fade6f8c30d0f6902d5d7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007a

Filesize
100KB

MD5
80b5b90c4f3c45f46d57b5e1bce1e629

SHA1
367e3928b8c501a0827fd1b56083824932e9dfce

SHA256
f8f5766093e3c09b37b085fe81a7d8307c69b34710794143efe460ae62bafb2b

SHA512
395fe714443f48f04896aaabb79d852a79e6ae948fbdf1678505be724c0efd172043b36feb8716d9882585a47d23746f2dfb1cfbb18149ab9e71310ba0b055e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007b

Filesize
355KB

MD5
2c017cd370b98f091fa277c8ed78271d

SHA1
8375a048564a44e5050bcfc12b1f2eff5f1f77b9

SHA256
c2b3511773b754984d34120b24d5af9c8be62298105c7251a3d0d4c14c4ddee8

SHA512
f93da7b825def400c32ae5f91c5e10ebeb17bb6d8596c556a02e9c3df24754448f818dd4b9d34af9ebe9c8c20be84d391fff22a04baead3c982775195d7dcb86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007c

Filesize
58KB

MD5
2f235bdf2edc72828711a31542a5f2fb

SHA1
69c864f5d1d75fbf58aa34aadc9172d12168d342

SHA256
a2d6c570e58c1530d378539a81c293cce51cf26245f212a468cf308c6e6af5b2

SHA512
d9df48fd88930dfc1477492166f2eef838eacd8f138b7082a586e1adb6c2c9861c28419640c6f1722ce16f279681ba44f5e716404f7339e0a7048f29fdf9cec2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007d

Filesize
110KB

MD5
856a44c7e5f305d914f73151e46348f1

SHA1
ef7198fffde31f348f41c1fce450f7c83f2724d4

SHA256
f576eb2ecc60fe36e8222e836af2b7a7fc0e2f757159e970631eb2e496b0411d

SHA512
c429e91a2cc420bede1768600604b9e3695d0f29640da2880ba9c2cd528fad536b63e40e142c48275b21c3607ea3e5677eee2c2c4332c894ff70687069dafbe7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007e

Filesize
17KB

MD5
a673a4ff37878ab1cb36ed1079a6e033

SHA1
823159a712bccac71c5dbadc14f30b4f3592f424

SHA256
9edbc2b7d4862beb81dfce14ae3ae0cc1df4359c2b535a79c34f4cc5072afa17

SHA512
02f70f2c2441337733ab64539299f1739248bfb43aa4fe00dfcfa558d6b4ee8ebfec28a2146554380f759174d7b4f0d55056bac251a3e870d6fdd211c3c754bf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007f

Filesize
19KB

MD5
3b25fbd9be0594e7d5dd630003ef4194

SHA1
73d1b16b7b95ec2907407f06c3f353497e29a362

SHA256
0ab699ef1483cd423e0880e48701eb0f38d8d250a4f7e63262a5a10e587f6df1

SHA512
137ca7a8f12319721e9ad5a729c14c14cd560abad62366fe47d2742ed30e9dcf5f3a3c1c5607deee579ba9407ce5b5c1c737bc74e07e64dee65e1fc2ab8b0615

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000080

Filesize
76KB

MD5
c99f966767a99c2971aaad4890f0d323

SHA1
d6dd4e0199e653bd6663c5203dc3889e9b6c0baa

SHA256
ad5f0de938a628df6b0de66005e92497bb39c09fb8491ea7fc4d5afd600262e2

SHA512
02475dacf307541c4e2801b2e849585d4210990fff97bf5afe9f44f5ee46ae8ba21152295cd8baeeecba3005250d81e7d280007f0b8f57f77247a3e2588b7c1a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000081

Filesize
162KB

MD5
aae5d55c9ff46070b6b597bb59738085

SHA1
492354520d03d72d24e73b0f9aa89769c9dcbebe

SHA256
e5b2d9bc382c658a59c578e86364f56f9a4464b1dcdbb26d3b1e6bd89136856a

SHA512
63ef27ca671ae0e1bf333b455b91e2e7be8dbfd37afbaf3bfb71dbb8ab1a43038a02b92be5227beb5a7ef67d81e0ae6ea1330fbbf710810828c5a67b95707106

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000082

Filesize
72KB

MD5
0c24bfb73d5151493376eb1d19031fab

SHA1
a899206d003d703cff22f20464588743d2b618bf

SHA256
3244024bcd81b9acbf69488de4d07f9d6df8ed070990ad1706bc4f510d63e64b

SHA512
b73528b77c5b60a97f79ecd9debc1d49693dd7ab4e1df756afa5c3c455a83bfb2a8686558c0962401594e3f69fe662b8e7830f9a546a3b917d4ee66903bbaa2b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000083

Filesize
64KB

MD5
b91d1d2c9cff8e17f65f77e0aeca3e72

SHA1
ebb1f2282ff8d8ed410b05d5dbe782ad45028435

SHA256
f57ae381b449e4170c6b178c5d9e4d528195dc7e0c0d166b302b4293dcba3c94

SHA512
35f8647752539cf68cbf11127ebbed36e34dd1636f7f9fcf9006e625302e087582dba708f78068068dd1336a505c0a1dd4123f70a09280068f4f210a0daf8c7e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000084

Filesize
64KB

MD5
baeb5f5b74af2049f2a811c61a6cfee5

SHA1
92d58959e524e9f44bfce1edee4aaa52d37b5317

SHA256
60e3b37cbe16239abd8b2f1b7de15bdeebfad572f041ad8cc534aac88b1613a7

SHA512
beb2d5ce21d7af2bc52af619764d82de0b16d3ae6d9d0b833ea486d4931d1a911b6ea6208bcc1a7ce3c825d114ca851d86449f95cfac83953b95658f8e372e95

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000085

Filesize
128KB

MD5
b7535131f7cd7bc821983415700d2b05

SHA1
1fe876763579951dffb7ed96621a273c2ae9ec06

SHA256
43478662f9df5c530383ccafbbfbafa949efddb4dc50b9765dd605e5e19b9c6c

SHA512
bab5cb0b3fb670d6fa1a0028660b77928c77e9c9f79d4d950e50832371d3692e34fb295f7a8f3db96b4bf102e7a3a374c9ee4391a010523660d19fdec7af9675

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000086

Filesize
256KB

MD5
d50df859fac0f2587beed99950a55382

SHA1
9389a43a2661575dd5afdbf9f4521abffb9be4eb

SHA256
0f1fe568a93ba617348d6cdca8a12cb85e4ea8f6f6ae3cce1cd0b8fbed3de935

SHA512
b7205c1bbfb83c07a08241c106678c79f4062e1c700f2c61f71ab7288c89700a5fb13e733e4c8e3b9f12a68dba1365674c9b940af84f95bce7a38af4f1618195

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000087

Filesize
20KB

MD5
dec2c4d37b3f7087b3be4b8d2ed03e3e

SHA1
81f63505d09004d905c0c84adc9844605e6b53cf

SHA256
6ac4ad2651b59806f7d477b69ea3987747db370059e50b7468d3248a5e00c497

SHA512
6dceed439547b6c8b00edc61d2e5ec0ca7bee0f0ade8036191ab87176e3d579206a6f617d24847757370528764782804401f794e450e1977d5a92676449d422b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000088

Filesize
67KB

MD5
42304c8cb0c1405dbb8722ff0851092e

SHA1
d29d977dbe442bee281abfef45d2fe727f4e2971

SHA256
852a971f5f8d70afb548e7010a25dca7c0e97d350bee2e8009e8063eeb80bb0c

SHA512
4c0caa6d7deefffa50ab323826df30a1de5f1393810c8adefae8e93667049ebe335193650f3f40b3af5c3e5a00dd01623c0d0d7d7c88830a6732f84644225b27

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000c7

Filesize
67KB

MD5
cc63ec5f8962041727f3a20d6a278329

SHA1
6cbeee84f8f648f6c2484e8934b189ba76eaeb81

SHA256
89a4d1b2e007ac49fc9677d797266268cd031f99aa0766ca2450bff84ac227d1

SHA512
107cf3499a6cf9cdcbfa3ef4c6b4f2cda2472be116f8efa51ff403c624e8001d254be52de7834b2a6ab9f4bcc1a3b19adc0bba8c496e505abbca371ef6c8f877

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000c8

Filesize
366KB

MD5
e6940bda64389c1fa2ae8e1727abe131

SHA1
1568647e5acd7835321d847024df3ffdf629e547

SHA256
eef5dd06cf622fb43ea42872bc616d956de98a3335861af84d35dbaf2ab32699

SHA512
91c07e84e5188336464ae9939bfc974d26b0c55d19542527bdcd3e9cac56d8c07655dc921acaa487ed993977a22a0f128dc3c6111273273ff1f637b20bb56fb6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000c9

Filesize
19KB

MD5
2e86a72f4e82614cd4842950d2e0a716

SHA1
d7b4ee0c9af735d098bff474632fc2c0113e0b9c

SHA256
c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

SHA512
7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000ca

Filesize
65KB

MD5
56d57bc655526551f217536f19195495

SHA1
28b430886d1220855a805d78dc5d6414aeee6995

SHA256
f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4

SHA512
7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
7KB

MD5
f2f2dd04b35b3b7f03492de91a4878f2

SHA1
479fcb20dd2d8e2e49e895b1d19ebdff5020d579

SHA256
86a0570381621310d476f69eae78e0b97e17334704272ab536aa308e44871ebf

SHA512
c4a1aaecdc02867bea7b5f44cf71f3c1f12504449577efa150ce918c09cd971e35f5b3747258ecc02f0545a73d6a78f382fb819bdae3e2545f7eb3cc4b633b44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe58bec7.TMP

Filesize
3KB

MD5
31cb678f78805dea5855c459234a032a

SHA1
c959671eb74a079f738e3148fd089244ba912f2d

SHA256
9bef52c1181045f9b708d43e92cceac60db9d0f81cd2af9308a14ce9f568fc41

SHA512
f936b13b6e0ba88ecacfaf80491e841dbf3dd97180bc096cd2baee415ecae4e83e13c71902da64069d9316bd523d335a49d3a98a6143aafebb5353593f02f97c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DawnWebGPUCache\data_1

Filesize
264KB

MD5
9c037511deae2db12a8127d9ca4994aa

SHA1
6952b9665d4a4b09f8a2093fd00464015642347c

SHA256
2b3d34504aa414206a97fab8cdde1641878901383d450d02cfe82c7ceee27359

SHA512
3788b09faafcabc137cd7a43b80be8fcbe57bb563b9f609078fa2197bb85b1d06b442b0bab96f6450c83207d5095c563c56c3787ad9fede983a2c0d57372119a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

Filesize
224KB

MD5
a32bec6c91f4bda88c74e9c0ddd3b194

SHA1
05e97427189881f6a1a38e604118672d715246cb

SHA256
776f368ec1351c3ee6d28bb87556534373d0c14292a2817d4ae3756d9f8f3f95

SHA512
22c2b0b50bcd1db4e685df47452027b394b2cd5424234c477489517815d2c7efdd8164c0b6720a9dd2b58268b68ea6f81773ca96be731f7b6cfd1678cfed0086

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps

Filesize
107KB

MD5
40e2018187b61af5be8caf035fb72882

SHA1
72a0b7bcb454b6b727bf90da35879b3e9a70621e

SHA256
b3efd9d75856016510dd0bdb5e22359925cee7f2056b3cde6411c55ae8ae8ee5

SHA512
a21b8f3f7d646909d6aed605ad5823269f52fda1255aa9bb4d4643e165a7b11935572bf9e0a6a324874f99c20a6f3b6d1e457c7ccd30adcac83c15febc063d12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ntp.msn.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ntp.msn.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
11KB

MD5
be98492886afbf43dddf2663d574cab2

SHA1
5ddf59a2707ccc285a85f98817fdfc54115901b2

SHA256
88339d8d7fa5991b2d2bfbab50ab0861bd59e4fb7d4d8076681c08664b7067b0

SHA512
35d7039b56fb4a491b31ccbb9df0ec7d1817a4f26cf7c3ca236d544ba66513b996fd33af5afb9ab04a7c14d263368eb6231e583103c5a12c9d33662d8c81ca19

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
11KB

MD5
960999de655a3dc3daad7526f8634522

SHA1
833309e8231089d502186caca8a15f875e165cd6

SHA256
2aac27a4c91f329db41b2bcb6b011b9830d24332344c4c7fdd2d6eb6daeadcf4

SHA512
488f285ae06f66620171ea48ce710982a0550d57faa7f148c9cf22925d94e13c87c8675985e6e152b38f78527e2fd1beb974f0225901e498c4fa833957ff3ccb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

Filesize
211B

MD5
a653957ae9833b2aa733ace71f5c85ac

SHA1
48adcbf5a7b1b4929b4bb1d52170f740422aa1e4

SHA256
406abbdf4f45f4c7a957375e4c9273bf9eb812caea53b18dbf5300f6dce898a9

SHA512
294e6beb55007db00eda728a0caed1d5dab4b3acaa1097b7326eb2d659b345a7263e0a6afb167016d010b95f66a23f86e03347fc3fdde7cbe450beebd038dfbe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

Filesize
40B

MD5
20d4b8fa017a12a108c87f540836e250

SHA1
1ac617fac131262b6d3ce1f52f5907e31d5f6f00

SHA256
6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

SHA512
507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

Filesize
211B

MD5
556b7d89487dda2cbaded3342b8379ed

SHA1
8a05aef9ce04400cc5efb46f4fa159f0a9c13bbf

SHA256
6aee3154e66dbe44df099c0a475fa50703acec1cf3d93f3e2ae59444dc7c7342

SHA512
74d7b8a39b2e7c3525706fc650d8ca4c7c6b4eb661c53d2e7d9f2b6a85cfe0974afd1f5ddcb5e6c8dcd3f6507bc96b4fe0bbf1e5b805625f5426ef68a11e83ee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
22KB

MD5
f0167850a3775d6c524499a5083d324f

SHA1
e28201ea57f0746bc2081ff2cde681aa71300f29

SHA256
74649e7c6aa63565f9b85e15e7c169b02b1fc82aa6af7b81efde689f88d6bba5

SHA512
851da38f9de62756fcb4ed5dc9e9ca9370974f462b310cd12e69b7ea417ae017753a64e877b5e0c60612c9d25f3a05dd475fa25f563182c6cd68c9d3801f9160

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
20KB

MD5
34ef60eabc535aef4cb4bc17a37c0d9c

SHA1
d2d75da537a5c764de6c04a320b14401332168c4

SHA256
dc45e49ec9756aa2dee572d267a486b350a2078da6e03094745be4c1a2b4536a

SHA512
e7fe547c249746f79f7cc3a11e738b219403165204efc21cb661311503c3a52b2bf52cdc90713681200d80c9d7c2905f2c37058c5de75b4cd0b8481f4296b180

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
18KB

MD5
4c1d48cebb19c97e8a9f86d43b1145d8

SHA1
5c4494b843461bf0a0fc570d19cec89d5bd95d25

SHA256
fb2a1595b978432984e9802b95b945dff846c7f091265a94b786eccff91ff06e

SHA512
9821157b06ab78b1d685308a81969f6f3056bff13e89c564c1381870cb10bc0db5a3c4a3b2f07d6155d2f20f99b91306a4cf41347f2a5251ac619e4f6831f22b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
21KB

MD5
65da8faf5c170974baec48487550aef7

SHA1
ddce6a11b54369e215931881fc4eee1b3af99913

SHA256
14f59d6a5e6497adfa336d1581794fa9765fa801fd925bb9271032de5d49a64a

SHA512
285815c8131237eb4ffcda45bd02b09c84d1b2608fc8c5552dbf419c893a7002bfad549621b67ee08cac6c0812b3e3d248f3636ad3036a77d592f5718e4abc44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
b2833279dbe8d25a5c873ee88b59a9e6

SHA1
77edefbfc93411a6d5ffaf30ea71cfbf9cbfb79a

SHA256
b340365b98979bfb35df426e1b74b0b3fc9c0c85ed56196ba38d6562af18212c

SHA512
fdc6e3ac9f4c6dee3b86d977eef36caa141c27df745d7be0258cb19372d4a48bd58f41d3feb07d5eb57a163455d06cf6c6a9f7b31c6d550aaae2796ebc3178cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
36KB

MD5
c14c767c878ebda42c2cfc5fdb88bf5f

SHA1
c594a9cbab04c401edec0ab97762e84dfd3086a1

SHA256
76bba0f61eeb3cb623f49e69fdf87515854de17a1e4efa4d12d5b4695c80619c

SHA512
2f7940af7a2f9841958e33a3f12c95ee27d963415552692253c62c6be45539648bbf97cc16783e3412b00d852f4744e273ad247d63fcf0172f32ab67a43ed57a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
36KB

MD5
004c9f8fa8ee97be220824f2ef8a135a

SHA1
4af9c7c0766971fb8afca6e5967031d7d9bf4158

SHA256
3137045ef5eda48a705d59b0f188bd84f205e644bbfc03815e0df672df179ab9

SHA512
3ccf247bbff4f0f3a136a611a954c87fe20959adbf917ad77f5c8d5f31a6ddedd91b4e551f24b33bdcbea341617830ef31961c4cab05c146d85b4441c22c2414

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\37dcb1fb-1fb2-49cf-8d91-6f59c13bf972\ee91b116cc2005be_0

Filesize
57KB

MD5
7c7887931bb384c4090204f6927fec6d

SHA1
63791b933c6dabea617eb3764090d4f1f794dee2

SHA256
04f60fdd22d6aab64c60012784485c3520a9edf71f52a6a20e259d17f934d342

SHA512
98a6d231c04d75d7f02a3a6e5b381b0f755f0739577bd4b4ef65cdccd9608c1587dd510ec07e4acda2042bf417d536be6a7a90ce827026f41a7bc9a0e65c1c2e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\37dcb1fb-1fb2-49cf-8d91-6f59c13bf972\index-dir\the-real-index

Filesize
72B

MD5
8b9dc8d3b3e1066bcc0c178fd33af670

SHA1
508f6562f157dff46a3c2d714a4b9a12b22d2ec7

SHA256
9d7ba1d9f9cad4d0afa4abbea527eab8b3d365f50f7cf42205ab4846fa310844

SHA512
56e66e55d7fe0b3b75604bf92153aa2e0a6a64f7f2f83538e5ed228f57a8c30b25e5d069154e266a8b394c4f5781f04c58aec09b619b25629af6935be87980fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\37dcb1fb-1fb2-49cf-8d91-6f59c13bf972\index-dir\the-real-index

Filesize
72B

MD5
796ca22ce1c08ff937d11bf871d67163

SHA1
aca5915979a9ad88393bb4a797f92242341984e4

SHA256
0cdf13204184728509a40285d938269c5eceab4092f41f49110a6b71806f1431

SHA512
19209e2b2421c886f001b3fd3c96ff97d74b5c02dc0d63ef69a966b8cefbb15ccb93f4a279ff71a82b6c15ef7afad8905a75185d3826ba236625b0a988ab71ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\37dcb1fb-1fb2-49cf-8d91-6f59c13bf972\index-dir\the-real-index~RFe57edfa.TMP

Filesize
72B

MD5
ac63967ed3307715c49a266975710683

SHA1
fad9c88dc1c6dbcfd76b299b00969b1c9655f435

SHA256
1bd286bf8c485bc8b3f45ec4c73bb025a5bcce1eefda85966e88c605bf5f7bad

SHA512
9774cb314130f31a0eef732b9d0399b1259525f46068981c7678e8d43fee5527a042a261402123bd1770b03bfa08c86af41fa7b581684757e034936d8983f433

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\6be0ea5b-0c11-4491-8571-7ff62c7ad5ee\index-dir\the-real-index

Filesize
2KB

MD5
a4d46302d41acc0c31c25ab68c4a363e

SHA1
4db0b01c01273a839322ad27193b1ec744eef97c

SHA256
6bc8458a88f7ca877baa70042f6fb2317c62d4a159329e61732127aa1edebe54

SHA512
c12d99182bf272c1d0c58e4a868264e706508b2b604a0f397c65ab68264acdd14ffef4dd312c78eb5dd9ca16b5f997447a262194697f793cc0f4ee9229c1cffa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\6be0ea5b-0c11-4491-8571-7ff62c7ad5ee\index-dir\the-real-index~RFe580460.TMP

Filesize
2KB

MD5
5c25a2abd21b67dd236c217769845193

SHA1
227fe7662bc27f47515f520d378f8ecf02703ea4

SHA256
356781f34e364534019fdeeb669fc0dd5186fc33f9eee288effc07b429f4118a

SHA512
b84e0c99ad7a36f14f075ddfec846190624c2acd88d216df1afa67dcf9513772bd815d665713bd94a28b18f6793a7dc2a00e968d0db2cec9500ab311575a1e85

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\6cf4b3d6-ec0a-478a-8254-e7cd500fb686\index-dir\the-real-index

Filesize
72B

MD5
c12fb24c1e059766bb81d2a2ee84f527

SHA1
728b4132b791c8eeb08b8bf2269bc662b466e412

SHA256
aa3f74d0a383498844f4e43afdb3afd9d2c5c6526a37592a9d2b296135232769

SHA512
c89410b72434e73cb5c2aa1fd64e33969e23f362e9279d7716e5cca9e1bebbc09c645f45c4fe5b52ca061c80686a44b2cde97f2552f3b3b52c2014e626ccdf98

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\6cf4b3d6-ec0a-478a-8254-e7cd500fb686\index-dir\the-real-index~RFe57ec92.TMP

Filesize
48B

MD5
ff55e08afcc0be98f496b40fd6b036bf

SHA1
35d70ac30f18ec43dd6acdf03721a6be53c5c772

SHA256
6ac0948d0272fe461cea589f889290c92e2118a6c437cf74fe105da0077872ad

SHA512
481269f2e58a441a97341a770b9c2bbcbbbe730a43699b4e82b6c7508fd22f1fc104ddb9c7dd30b585e07016c415e34dc4de1e9112aec9c945f80b460a91dde8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\f9fd1bd4-3821-4fd8-ac64-8914ddd027c2\170ce29fd1bcbf73_0

Filesize
57KB

MD5
4ed184862851c2110b0f7757ad38f89a

SHA1
5bebd76dc9cd4ad045a77dc6f363401324c447a8

SHA256
06307fd262b22f7c960c5becfd30f4dd5715168c5f0388772371674f0e042a84

SHA512
9d5a2dd70e7f8541c75fc810bb0342636a51f367389bea8a90a25af1b8a4d607eeb0dc522bed4d47417bc40710933fa470716e0141bffbf7206b0d383501e9c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\f9fd1bd4-3821-4fd8-ac64-8914ddd027c2\index-dir\the-real-index

Filesize
72B

MD5
80358c45e721a86410c0e599b148133d

SHA1
0bc780850a657cb8f9247cf2a923ac67a667e7fb

SHA256
1f9837514dad266b1c30243f8d5a8e03c62b0a8d5eb97a42b898dc9e2af6cc38

SHA512
59c050e59b62cf5c0b2f1ea46dfa50d09db6a20897983ab976b411322f2877ab1d7ae4aa7e44aab753cf0f587d5e6d84600dcb332ce8126b5626a4833a53821e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt

Filesize
322B

MD5
27d7a0daef560b0709140eb31064225c

SHA1
56ba071e5997a3da43889e80924c4041271b5050

SHA256
913d52ededda793162a4b2a403b223ddeb75a94ad7370f520adb531f428b5c6f

SHA512
f79ed04c746bc4736dbf6e19b05ab16b698c7e3b7112801cdfc5a724e5447cb3f571612bd0e6a5d9321cc97bf4b9fc23e023a2326ad02d986b7a1b1744e53ea3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt

Filesize
327B

MD5
f2098b1973fe4605a0ceca242a848f20

SHA1
19540ae8ffa6902ec06fc32e3b422f937b4829db

SHA256
5d16065e946757061f41e085943385c52a8b4a04267a6fedfc5107c6b0fbfa7d

SHA512
87dc8d261ed2ee4cd6caac0cd5c37eb2d43a361ccc597c939376c21409081cabdb9477c20aa8274cfe35543f922c1006ba61116a0dd226bc3ecae901f4ced544

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
9474d52ac81a243c94a08fa2814ca091

SHA1
259b2ab3f512ba29c1008877ce1268af1dae61d3

SHA256
0fedbab2440564668f7756e057b25abcce2a9533cce7a6d8f99ad57eb10e781f

SHA512
3a772b71a9ed1f0d6319b59fac2eb7c02e886dd054f67f5e03e04bb4fcf82072d4d31d8102acb6e48bc6835a30f6bc4160512e1c7443e61dff6fde35d5fdabe6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
36799dad0541f471daae42a2a27ea6b7

SHA1
4518dafc01f1c4ab7bc09da0afe23cc875a02d3f

SHA256
8b3fc8624daf7ad3133f0931228d48266b184bd21595ce38e9fc14657d61c28a

SHA512
10e2e14a5794c7f59b8fb292772c325989149692c89088a9353ee185bc8cf78e3338a805bcc214bd122eedd1940443fc46b7d39a0d772565b6eda23a77b53a82

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57fd5b.TMP

Filesize
72B

MD5
611f13d1a111e0f8add19f8dfd8f6071

SHA1
1e362b1c6cac45a00297498b36870600c200d1cd

SHA256
5a3a6c003e6fe4ace28272ee7fb563cfbf36b70d0b10a46c07ab4717fe3e3515

SHA512
f0185ed1b79d3f5fccd7ad4e93597891113503737e3a0a2dc43f73375b3a5395890a84134103ac1344191d753b9d0a4c4d38aac00cdeb5178328af7675f3d4e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

Filesize
326B

MD5
b04bbf5a00917503068eed631af00abd

SHA1
6a5d5294b44b8122787c317db1f2f7ae57298280

SHA256
97b8bf8e780bfa9cae29092dc4954ddf1a6e57fe01d1c770a9a59bb57d26bdf9

SHA512
559282676191bbb2070a46008ed159d8f4c06f87dac2863a5b74d2ea12897fcf03544afbc33722f8a36842627c5e82e0ca04bdf858aac13b207ab04a73ef22af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

Filesize
22KB

MD5
a9ff05e3e315e1708be921f3112d1aaf

SHA1
988db01b64e744834bab126687af9d25abfd522c

SHA256
2c4510f1559d527213eb2631ee944cbd81a7c170ed9f62f5deae23e09444be7e

SHA512
ab90b1d4d7c69ff55c2276d862403e10f2069c359ab0176be9fb9cc32baf22bf1820fc7cdbaa3f79034ebe56e52e023b4b5b277fd33377d7d018cd3b4fe89352

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\EADPData Component\4.0.3.10\data.txt

Filesize
113KB

MD5
60beb7140ed66301648ef420cbaad02d

SHA1
7fac669b6758bb7b8e96e92a53569cf4360ab1aa

SHA256
95276c09f44b28100c0a21c161766eda784a983f019fc471290b1381e7ed9985

SHA512
6dfa4eca42aea86fba18bc4a3ab0eed87948ea1831e33d43426b3aca1816070ecb7fd024856ad571ca2734214a98cc55e413502b3deef2c4a101228a7377e9d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
469B

MD5
3537d5d974a5cf1ba4d1340b6139f48d

SHA1
2785167a3c4f714d98d5f9bb65703fcd49466e6d

SHA256
dca75df6c503c97094f71864d256098e7e5b47e427dbbba8b3a6850b5c237e6c

SHA512
440a631a791f1d63ae7307405056a19451deb45ca143dc5d03b5fdd75155cc060bbe02106caca8c4c924686fd9e244fa2c31ccb0d9577e999e5bab96e1e8abcb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
23KB

MD5
c7e4136e3e0d70138129569a6c85f0fb

SHA1
208e63163678987d1e7f428c4d03b1c39bda3eaa

SHA256
a8ab128de1840076ac7748015a7ce6d293985c2f8bc2172401cc22279f1766e5

SHA512
d348e0649591c77ba44baade71dc492a95e5c3e772a1141e5752f8c9f591c947e15650933013358dc324279cda0ddcd2babd51f205bd4f39ab44f59023eb0d05

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
464B

MD5
938f5720b224bae1aecccf48440ce350

SHA1
1fe7ae4560f6e9f5e0fb8ed28971d7da21d8a3fd

SHA256
e97b72a69e3ec475268319e6a7f02a937eda95f2f85893530f73aea2f541ddaf

SHA512
0935de7e96954483c94e019a175c625809e6817a4bf3ced41193edc55efe69a17989b6ea95c2bb4316ad2412555998d26ad0e31b8064282496a4371c8612695c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
904B

MD5
2b413f17ae62669cc20f6964c7f229c8

SHA1
297bd7a91bfef918318bd91725b0a71f22f44ca5

SHA256
b2bb8e1ccb46325e7c408d3fb593d1f3463220efdc5710760ab9f8e5315d073c

SHA512
ac0296fffd8ac1649287f16ae8def230d3b166078f16afc21edc09bcb6802a1d5e7cf01c6cffa97411deb6d5f14c6eca015145df2f69f903bee48a3767a693f4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig

Filesize
19KB

MD5
41c1930548d8b99ff1dbb64ba7fecb3d

SHA1
d8acfeaf7c74e2b289be37687f886f50c01d4f2f

SHA256
16cee17a989167242dd7ee2755721e357dd23bcfcb61f5789cc19deafe7ca502

SHA512
a684d61324c71ac15f3a907788ab2150f61e7e2b2bf13ca08c14e9822b22336d0d45d9ff2a2a145aa7321d28d6b71408f9515131f8a1bd9f4927b105e6471b75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.1.31.0\edge_checkout_page_validator.js

Filesize
1.1MB

MD5
0e3ea2aa2bc4484c8aebb7e348d8e680

SHA1
55f802e1a00a6988236882ae02f455648ab54114

SHA256
25ffb085e470aa7214bf40777794de05bf2bb53254244a4c3a3025f40ce4cef7

SHA512
45b31d42be032766f5c275568723a170bb6bbf522f123a5fdc47e0c6f76933d2d3e14487668e772488847096c5e6a1f33920f1ee97bc586319a9005bacd65428

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

Filesize
13B

MD5
3e45022839c8def44fd96e24f29a9f4b

SHA1
c798352b5a0860f8edfd5c1589cf6e5842c5c226

SHA256
01a3e5d854762d8fdd01b235ce536fde31bf9a6be0596c295e3cea9aaf40f3dd

SHA512
2888982860091421f89f3d7444cacccb1938ef70fc084d3028d8a29021e6e1d83eaef62108eace2f0d590ed41ece0e443d8b564e9c9a860fc48d766edb1dc3d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
62KB

MD5
02d04c6b5947f5c807054475be888249

SHA1
26a4d601c0d2c90441fc114de655c5d4189ec0dd

SHA256
93730e1b7a48b255bd34fb9e785de905850496eff103878a8ed07111e7b58ec2

SHA512
725917c40c37d9bc57e4f632b3ea5bbe417b670f3c657e53c3cd08eb09b0ace8008260d1b6bc79103067aedac64435cd2f40591c66c02170ca5a590086808bd8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
50KB

MD5
bb7f3743f32d133d066eda5a9803c444

SHA1
f358c861d874541940315f94fee25ac8d57e036e

SHA256
0dfb40824129eae4775a0c6a3af9ff67496ba0287e39bba66fb4d9a7ab36180e

SHA512
cded95d64ea0b1e15d44c2b1c6423fee3837f23d9156e27257efda5b1722ceb98e1a3f1ee1fd56396f6289a35843a0c5a104f7d9834ddc6d6cd195d193b69ed4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
62KB

MD5
2547d8468f4f9d85e5f69d524ff88d67

SHA1
fb96ce85ee3fa189d3f0d7175901c731db917093

SHA256
d4b0482636e5912b8d7509dbaaf5e0cb3ca94f0149e9bcc91585d0fa2042a89d

SHA512
8d89d3729f3c3d44a3d904365c93c93d547dda39a9001af941a8c746aaa8ed131d08bbdd61cc2fc5af0967f8f4075212623e03d0be525a959dc74fd6d472a512

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
41KB

MD5
f23e7d405069fb45687df37714d69a24

SHA1
52dd75ae6147463e2341c579e0080934d308f798

SHA256
ce40b1eda09e50817809673d77edd34f06d5cf784438d788715493808de4800d

SHA512
88de1d271464a45359ab563d0851ecfd26a5ff91c0f2e5a06c3d73d5c9371e124ef986cb9ced0a839699a85fe0504d9d97e77d28a7c10208ecab7e32e05d4c89

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
55KB

MD5
6120a57fd9ae7f91babf090fd1da1ad2

SHA1
7bc8bcc6b32b7260cda1e30cf4760788de56de77

SHA256
328e4011e2f20321ac98be9d68a5a8a19ce26b211799a6db522ce0c7f53cfc00

SHA512
cfa00a665d6ab032979bf4a34a6e5f5f7eef951919257168f1e6a0d419e5556353013332fd20f7f684f4685482ae3e94a436cd58520924d7fea027368d086342

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
40KB

MD5
07978014909e1b3600e17cafc00151cd

SHA1
98bae61d71e6b4fc079467fc6f0bfabbabf39668

SHA256
65d42b09b0526e219a4cbde7213ad94db9273fed58de42bfd46363f2323870a2

SHA512
e92345e3ea914aa10ce3ebf4c4fdb95311c599792d7eabb56d5d31ddeb78d064b1b6193f268d8f8bc48cf5a41d5cd90c34eff8bd22d5a106475ea2e934e05f82

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter

Filesize
392B

MD5
e6dbf9e247f45d6fc39bcfd4b5beca50

SHA1
bc82d7de590548fa4befa3dad6f629a91b5c669d

SHA256
cc5b08f2777e2207128d2836baad0baeefc94c97942b8f6ea0ed98c8b6e84b63

SHA512
dcc9e88c60c54534542355e74be9dc0f216b7455a626efb8c1ae5415b1508004193d2457ee522583775e1673ec47b4b3e4cad934d6399e9dac33bf9e4276eb65

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter

Filesize
392B

MD5
1f0386779d2cebc35b5ca76a4b172201

SHA1
f21e1f019c5b54f081845e8b54b0b0ecf9f57efc

SHA256
ea630c7d2f246aaa5299a9f549ea10c1edf770e67c49da091373bf1de4a61af3

SHA512
d471f01a60133c4848e695963e63a6c7e35d488dbc12108375817916cab4508794e72d950d51054d76690ec2b09532757563e86825b1e66eb425da3354ac4f17

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter

Filesize
392B

MD5
3081d42e87fdc5a5f63d1d76b24d936d

SHA1
bb3e72f781ac9dd71a2bed66c7b4e3afbeda955d

SHA256
03e36c921734e93e0945a4cf3bca4ae96a3d4d86c77573c4a8b10d038f96d8c4

SHA512
416453271c8120bf5a8eafba0861240cd4cd8ba1b33e1d11b785306ec22a0c1366d855cde791bb9c8a09b36aec7bdb40bb1a133ed1d62f6b82307df862a5c663

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter

Filesize
392B

MD5
8b4d8b74bb76d09867c13351cbc7c6e4

SHA1
7f51af5713687670a6cd0bf7c067e81fe468e89f

SHA256
3bc035666d40e60a3f94e96625604d28454b32847472dc95fdad1c2bb88174d7

SHA512
78493fafa492d11b0fd9a915ed0dbe3a99216f61947b6747c99f554c488e0c870d2066d67919be82cb16ba2021e6687ff169d62ea6a2c8539eb8a264c425ed0b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter~RFe57f6e3.TMP

Filesize
392B

MD5
3710a261b6b46ad34e5a94aec6243a01

SHA1
938157cc607e2b48fd47ba046e03d84d6042cc6f

SHA256
cfe25f88239f3a6fd5537b4e6a1958813f8527a512fb1b6351aeff6705efcbbb

SHA512
d5495f81495adf8144e72697b4dd5081a95e250a4aa3bf02edb773779353dd6cbc107fb446352ecaa6fd20815506fa9c34afb647436084357761536c28fec0e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1

Filesize
264KB

MD5
43cb212841063b22dcb650278f77aefc

SHA1
abc7bae5348dc8bb29c0a13e03c98babb7e45dc5

SHA256
92c3df5a5469aba0899d7650e20ad230ffe61239ef2ed411ad2362871a5121cf

SHA512
c6babc41300384782e80b5bfe9d3ddc9c131c5c67ee521b744f486c3330f05a0bd0183bab196cd777d29a20a599829c2a7d2c24a93be480449611da3db3de331

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.57\Filtering Rules

Filesize
1.8MB

MD5
d7c9c6d2e1d9ae242d68a8316f41198c

SHA1
8d2ddccc88a10468e5bffad1bd377be82d053357

SHA256
f215127185b2ee6b01e12b6ca75d3e5c4e454598dd4aed36124ae13d59afd547

SHA512
7fd14824e9200dd99e1fd2cee402656dc0cfc3d0a60058c5eb05c68e9e65b7f0b47e550fb4d6c2b59eba204dbf3ef9e69dc9723b43a9b3ccd5412d6b77715fc3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.57\LICENSE

Filesize
24KB

MD5
aad9405766b20014ab3beb08b99536de

SHA1
486a379bdfeecdc99ed3f4617f35ae65babe9d47

SHA256
ed0f972d56566a96fb2f128a7b58091dfbf32dc365b975bc9318c9701677f44d

SHA512
bd9bf257306fdaff3f1e3e1fccb1f0d6a3181d436035124bd4953679d1af2cd5b4cc053b0e2ef17745ae44ae919cd8fd9663fbc0cd9ed36607e9b2472c206852

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Variations

Filesize
85B

MD5
bc6142469cd7dadf107be9ad87ea4753

SHA1
72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c

SHA256
b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557

SHA512
47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\extensions_crx_cache\ghbmnnjooekpmoecnnnilnnbdlolhkhi_1.fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

Filesize
152KB

MD5
dd9bf8448d3ddcfd067967f01e8bf6d7

SHA1
d7829475b2bd6a3baa8fabfaf39af57c6439b35e

SHA256
fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

SHA512
65347df34378c2bbb34417e2cccfb3251a0b2412422cc190eed9df525b6e0a9948e0295ea3c33b3ad873ce81e369e89a138ac41d6eb7229546c3269107e661de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

Filesize
2KB

MD5
55a3f902852522fee915ca7211f51e0b

SHA1
292a0ab5d24a4a8f93d650f0b4dc022ef9e0b371

SHA256
c23bfd8cdb17ba5c3a86d6493fb9acac017aefe29258299d1c21a2eaedc5a0c6

SHA512
93af4592af77cf47e5eb262f1daf2529ae65d662f03ac8267b289d833491b645809942b8bb828a8e3c0d3bbf7068576906c79d832b252a03c2d6ae2013a935ca

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
998f5578f481b0516023b6aebe563a3d

SHA1
ce5b995abab6f1b9804378aa53cd83f4aab822e2

SHA256
e310ab789dbc48d6e2331308314997dd7b862305727c3c9aff5163bccb0bca1e

SHA512
6534d1ac28ccf0e97807dce2015e851c412002e5e69539f094076957aedff2293a044a69d700a588a0fe06300ca17a32385619dafc61ccb8316a481bd2f98fd4

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
3bb716940618a6f9b3cce92d3f99f62f

SHA1
27a08ce06cdbd1c105f9705f9880a67d850f9333

SHA256
576edd37f3bee08a8b31f646798879de3bcf3f837c66acc927f82007cca41160

SHA512
953944c399e09b75edc0c0a75c0a53edde892858189695fea7d91927cb6168f30b1ae3cdcc1d8f6d10c62755040be3591e39c0fc2161b8f33fd8292e4e0f3c51

Download Submit