hxxps://jingjiquanzi[.]com/vote

Analysis

max time kernel
442s
max time network
443s
platform
windows11-21h2_x64
resource
win11-20250313-en
resource tags

arch:x64arch:x86image:win11-20250313-enlocale:en-usos:windows11-21h2-x64system
submitted
01/04/2025, 19:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://jingjiquanzi.com/vote

Score

5^/10

steam discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand STEAM. 1 IoCs

phishing steam

flow	pid	Process
329	4032	msedge.exe

Drops file in Windows directory 64 IoCs

description	ioc	Process
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\wallet.html	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_655485414\_locales\zh_TW\messages.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_2059972971\_metadata\verified_contents.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\hub-signature.txt	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-hub\ar\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-mobile-hub\en-GB\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-notification-shared\nl\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_655485414\_locales\fil\messages.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-shared-components\id\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-shared-components\ar\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\wallet-crypto.html	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_655485414\_locales\id\messages.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_230225440\_metadata\verified_contents.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_702329154\deny_full_domains.list	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_655485414\_locales\kk\messages.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_655485414\_locales\am\messages.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_444112065\shopping.js	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\Wallet-Checkout\wallet-drawer.bundle.js.LICENSE.txt	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_655485414\offscreendocument_main.js	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_655485414\_locales\hu\messages.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_655485414\_locales\lt\messages.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-hub\de\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-hub\fi\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-mobile-hub\pt-BR\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-notification-shared\it\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-tokenized-card\fr-CA\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_655485414\_locales\ka\messages.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_655485414\_locales\lv\messages.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_655485414\_locales\bg\messages.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_655485414\_locales\en_US\messages.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_655485414\_locales\ms\messages.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-mobile-hub\id\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-tokenized-card\id\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\load-hub-i18n.bundle.js	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_655485414\_locales\hr\messages.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_444112065\shopping_iframe_driver.js	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-notification\ja\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-notification-shared\sv\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-shared-components\fi\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-shared-components\ja\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-shared-components\pt-BR\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\wallet\wallet-checkout-eligible-sites.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_655485414\_locales\my\messages.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-ec\ko\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-ec\ru\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-shared-components\pt-PT\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\bnpl_driver.js	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-ec\en-GB\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-hub\zh-Hans\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-mobile-hub\pt-PT\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-notification-shared\fr\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-notification-shared\fr-CA\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\wallet\wallet-notification-config.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\wallet_donation_driver.js	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_655485414\_locales\ta\messages.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_655485414\_locales\ur\messages.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\buynow_driver.js	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-notification-shared\zh-Hant\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-shared-components\ru\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_50022258\v1FieldTypes.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_1577698354\manifest.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-hub\id\strings.json	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\shopping_iframe_driver.js	msedge.exe
File created	C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_655485414\_locales\ca\messages.json	msedge.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133880087182482053"	msedge.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2873637269-1458872900-2373203793-1000\{161E65C4-7D05-4844-9844-4E7CBAB57E1C}	msedge.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1592	msedge.exe
1592	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 24 IoCs

pid	Process
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe
5612	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5612 wrote to memory of 4688	5612	msedge.exe	82
PID 5612 wrote to memory of 4688	5612	msedge.exe	82
PID 5612 wrote to memory of 4032	5612	msedge.exe	83
PID 5612 wrote to memory of 4032	5612	msedge.exe	83
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2020	5612	msedge.exe	85
PID 5612 wrote to memory of 2760	5612	msedge.exe	84
PID 5612 wrote to memory of 2760	5612	msedge.exe	84
PID 5612 wrote to memory of 2760	5612	msedge.exe	84
PID 5612 wrote to memory of 2760	5612	msedge.exe	84
PID 5612 wrote to memory of 2760	5612	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://jingjiquanzi.com/vote
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x240,0x244,0x248,0x23c,0x268,0x7ffbbc8df208,0x7ffbbc8df214,0x7ffbbc8df220
  2⤵
  PID:4688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1736,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=2208 /prefetch:11
  2⤵
  - Detected potential entity reuse from brand STEAM.
  PID:4032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2172,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=2168 /prefetch:2
  2⤵
  PID:2760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2472,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=2460 /prefetch:13
  2⤵
  PID:2020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3392,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=3472 /prefetch:1
  2⤵
  PID:4432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3408,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=3484 /prefetch:1
  2⤵
  PID:5076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4944,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=4844 /prefetch:14
  2⤵
  PID:2372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4860,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=4728 /prefetch:14
  2⤵
  PID:2488
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5580,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=5600 /prefetch:14
  2⤵
  PID:4212
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5580,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=5600 /prefetch:14
  2⤵
  PID:2084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5748,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=5728 /prefetch:14
  2⤵
  PID:5792
- - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\cookie_exporter.exe
    cookie_exporter.exe --cookie-json=1128
    3⤵
    PID:4180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5792,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=5784 /prefetch:14
  2⤵
  PID:3028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6140,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=5920 /prefetch:14
  2⤵
  PID:3276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6256,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=5820 /prefetch:14
  2⤵
  PID:2928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --always-read-main-dll --field-trial-handle=6532,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=6500 /prefetch:1
  2⤵
  PID:1704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5820,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=5864 /prefetch:14
  2⤵
  PID:2988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6236,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=6172 /prefetch:14
  2⤵
  PID:2312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5708,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=5284 /prefetch:14
  2⤵
  PID:868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6184,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=6596 /prefetch:14
  2⤵
  PID:5124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --always-read-main-dll --field-trial-handle=5124,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=5180 /prefetch:1
  2⤵
  PID:984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5920,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=6684 /prefetch:14
  2⤵
  PID:4888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --always-read-main-dll --field-trial-handle=5760,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=4724 /prefetch:1
  2⤵
  PID:1996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6692,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=6668 /prefetch:14
  2⤵
  PID:2788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6820,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=6984 /prefetch:14
  2⤵
  PID:2568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6848,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=5216 /prefetch:14
  2⤵
  PID:5416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7000,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=7008 /prefetch:14
  2⤵
  PID:5552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4884,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=6888 /prefetch:14
  2⤵
  PID:2884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6980,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=4740 /prefetch:14
  2⤵
  PID:2412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4120,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=5196 /prefetch:14
  2⤵
  PID:1716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5148,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=5952 /prefetch:14
  2⤵
  PID:6128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --always-read-main-dll --field-trial-handle=1916,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=6600 /prefetch:1
  2⤵
  PID:2696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --always-read-main-dll --field-trial-handle=6024,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=5024 /prefetch:1
  2⤵
  PID:1048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5012,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=7100 /prefetch:14
  2⤵
  PID:5528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=7128,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=6828 /prefetch:10
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6952,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=7144 /prefetch:14
  2⤵
  PID:4872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4872,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=7100 /prefetch:14
  2⤵
  PID:2784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3240,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=3944 /prefetch:14
  2⤵
  PID:5656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4748,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=5116 /prefetch:14
  2⤵
  PID:4180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6408,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=5660 /prefetch:14
  2⤵
  PID:3592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6960,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=6616 /prefetch:14
  2⤵
  PID:3692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6560,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=6400 /prefetch:14
  2⤵
  PID:4608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --always-read-main-dll --field-trial-handle=6252,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=5776 /prefetch:1
  2⤵
  PID:6068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --always-read-main-dll --field-trial-handle=6048,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=5180 /prefetch:1
  2⤵
  PID:3824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6476,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=6828 /prefetch:14
  2⤵
  PID:5124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6224,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=5536 /prefetch:14
  2⤵
  PID:1020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --always-read-main-dll --field-trial-handle=5128,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=3472 /prefetch:1
  2⤵
  PID:6024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --always-read-main-dll --field-trial-handle=7204,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=5572 /prefetch:1
  2⤵
  PID:5596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --always-read-main-dll --field-trial-handle=5596,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=5100 /prefetch:1
  2⤵
  PID:1988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --always-read-main-dll --field-trial-handle=5780,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=3940 /prefetch:1
  2⤵
  PID:2684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_xpay_wallet.mojom.EdgeXPayWalletService --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6056,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=6172 /prefetch:14
  2⤵
  PID:2868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --always-read-main-dll --field-trial-handle=5684,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=5360 /prefetch:1
  2⤵
  PID:1212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --instant-process --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --always-read-main-dll --field-trial-handle=7392,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=4644 /prefetch:1
  2⤵
  PID:3568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --always-read-main-dll --field-trial-handle=7348,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=7452 /prefetch:1
  2⤵
  PID:2292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --always-read-main-dll --field-trial-handle=7844,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=7856 /prefetch:1
  2⤵
  PID:720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --always-read-main-dll --field-trial-handle=7976,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=8004 /prefetch:1
  2⤵
  PID:3008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7848,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=7876 /prefetch:14
  2⤵
  PID:5096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --always-read-main-dll --field-trial-handle=7860,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=7964 /prefetch:1
  2⤵
  PID:6108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --always-read-main-dll --field-trial-handle=8072,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=8052 /prefetch:1
  2⤵
  PID:1696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --always-read-main-dll --field-trial-handle=6192,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=7376 /prefetch:1
  2⤵
  PID:3840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --always-read-main-dll --field-trial-handle=6764,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=4708 /prefetch:1
  2⤵
  PID:5084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --always-read-main-dll --field-trial-handle=7264,i,8682403338496381099,3326268726795690079,262144 --variations-seed-version --mojo-platform-channel-handle=5152 /prefetch:1
  2⤵
  PID:5008

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:4852

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
1⤵
PID:776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
  2⤵
  PID:5988

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\AutoLaunchProtocolsComponent\1.0.0.9\protocols.json

Filesize
3KB

MD5
f9fd82b572ef4ce41a3d1075acc52d22

SHA1
fdded5eef95391be440cc15f84ded0480c0141e3

SHA256
5f21978e992a53ebd9c138cb5391c481def7769e3525c586a8a94f276b3cd8d6

SHA512
17084cc74462310a608355fbeafa8b51f295fb5fd067dfc641e752e69b1ee4ffba0e9eafa263aab67daab780b9b6be370dd3b54dd4ba8426ab499e50ff5c7339

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.1.15\autofill_bypass_cache_forms.json

Filesize
175B

MD5
8060c129d08468ed3f3f3d09f13540ce

SHA1
f979419a76d5abfc89007d91f35412420aeae611

SHA256
b32bfdb89e35959aaf3e61ae58d0be1da94a12b6667e281c9567295efdd92f92

SHA512
99d0d9c816a680d7c0a28845aab7e8f33084688b1f3be4845f9cca596384b7a0811b9586c86ba9152de54cafcdea5871a6febbee1d5b3df6c778cdcb66f42cfa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.1.15\edge_autofill_global_block_list.json

Filesize
4KB

MD5
afb6f8315b244d03b262d28e1c5f6fae

SHA1
a92aaff896f4c07bdea5c5d0ab6fdb035e9ec71e

SHA256
a3bcb682dd63c048cd9ca88c49100333651b4f50de43b60ec681de5f8208d742

SHA512
d80e232da16f94a93cfe95339f0db4ff4f385e0aa2ba9cbd454e43666a915f8e730b615085b45cc7c029aa45803e5aca61b86e63dac0cf5f1128beed431f9df0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.1.15\v1FieldTypes.json

Filesize
509KB

MD5
c1a0d30e5eebef19db1b7e68fc79d2be

SHA1
de4ccb9e7ea5850363d0e7124c01da766425039c

SHA256
f3232a4e83ffc6ee2447aba5a49b8fd7ba13bcfd82fa09ae744c44996f7fcdd1

SHA512
f0eafae0260783ea3e85fe34cc0f145db7f402949a2ae809d37578e49baf767ad408bf2e79e2275d04891cd1977e8a018d6eeb5b95e839083f3722a960ccb57a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
8272581d8cb38484cc8cb6afbdd0d37e

SHA1
2baa96a0439003aabaad1ce5619ea0a581cf261a

SHA256
025356bf819ea8a5da44ac2c4510bc380a9448247a30665577430ca7a44ca297

SHA512
60574186c595b0018d9223afd38e59378b1b00ef4f39be17ef2d7613cdac5b8f9e6dc3f2efefd559a0e4e8d64884d6ea155e874df13f170bb6dfbb41a0104959

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
b6fe5218e3f904f25f66c257db3a6c5a

SHA1
2e1f125d15f5f8ad838cc483f4e2b8865997a012

SHA256
6d841d1230dcd41eb794ff4858a447c6b34b74f0db2a865543ea7ac3ee7e80ff

SHA512
8b0b387546e2c11829630fd5b8dd2a80a4307c9740036443acdfe0c6b44727a2a8ec4a5ab7fc81102829a1bdeffb3fa9f00781d8cfe2ff0fd2a2a0d1e28e782c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\86d9a9c9-f9d0-4520-b6b9-95265b788c75.tmp

Filesize
28KB

MD5
6fe5e1e977d941fcff103724bbe336db

SHA1
d0d68764014545d0b0cf93c6c1a804935c06672c

SHA256
38a72e7025da92354c34f5d40e6d797609a9b43988c2121732eb48c02361260e

SHA512
aa7bd1613706ef5bddc8a2680bc9429f2ee2f85d969118f7e14ff626ee1ee90255f49ab7452d39a3a100f9af47a59a4dd2b9bcf04cf32eb75addd7a1c66877c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000007.log

Filesize
21KB

MD5
201dde351eb7ccb84bd6b146c49c2f4c

SHA1
fc312a65535ecede66f89e74d322956d60c6ab44

SHA256
1003a7f94dfa5bfaf80a9582b740132bf84c5b1a495d6c01fd95a4c95dca7a55

SHA512
ac56750c81a5762879691bf3e3cf5eab4a18023fc6845cb7ac990f24b4e067026129e070ee83a0e8f025783acb878b5ec8bc2e269bd67abb38b2446eadea9126

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old

Filesize
352B

MD5
baae7b40ac54a480e6ce48250860db73

SHA1
e22d1896b3867642f94e146ca33283220f874bb7

SHA256
1a620f67d01cd6e0a776185a9c6243f59a0dcaf5fbd0f8ddfec71cdf4441eb16

SHA512
fbbaa8b62443bedd8a1c377485b5b3438cfe0b8eff7af04536f5d2df4e74163b3bb5ddc44324cf19311cdf9da05359cf8f8f2ffd58ffd2f6eae5b11173bd6878

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\MANIFEST-000001

Filesize
268B

MD5
ae52241cbffb1512930b58c8f22337a1

SHA1
6d563b44bfc56bcd0cde64a36c255f68743f67ba

SHA256
a71ba1d58219c864cca7fe8763a5ea3fbdadaa4696aae3510da0b62c7b1182bc

SHA512
3155628adde16553809f89865c52fbad832f9eb05db45fa134b6e6d8fda44d4be3ee67fdd1ad7491a670e0ecdaa5023f9ffd9177904df7673be8283c0aa4f955

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000083

Filesize
802KB

MD5
3f0738958f24d206cf76295a3391ea4d

SHA1
786c261f7eb286aeffcf84aed090a4c570990e8c

SHA256
e6042851c34b55b846781de30e639aad7a7a881f1872dc40569937c54da6315a

SHA512
7652c44c584a1b34295053c99429eb774de3219fbc00855818bab4ee778fcff3624aaa4c0c8098809c7dbd99d94aeec6631c9bb97952f59abf4fa7cf3da1e5b0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
4b58d7cfbb0a423b66143c6680f1cbab

SHA1
ccfbac3b13ccfa3006dd36998bcbcc2c1715bba7

SHA256
5e4625ab7c4dab313996c08c3e2eb686cf6f2f5f69c4bcf77e5c4af61a99a037

SHA512
a9a50937a390a89cc3e5842ba9d897aeea3a80b341c322520b67318a831abd0e60eb5591d53858a0d63dc1e6be33bf3f1d0da9d959f1e519e2df59d33a043329

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
1d1661a2f47bf3bfc66abc0ed33719c8

SHA1
e7cb1be5e8ee69792d6e87cc1d3717b52782edc8

SHA256
e51e9710afe96bfc316ed4e4894c18b1d635a0a15727dc5ba39cbfed35584386

SHA512
d119a671881445349d11be1f82c9f85a62a38168efeba21daa2c77d4cea618584e6cf28ac7bc95666a3d14ab8cfa0f3d9deb85fb87a270ce0c8b50dca05f4391

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
8e6445de3ff460455de3e60c60a3b1f4

SHA1
9df5e7a6bc4cb829a8c7a17c83a4c78509355659

SHA256
efdf79371fed742cf687f8e6484f0526d1b61d5042c8f141ded03cc5b7d81a23

SHA512
25198e65e760db65e7dac9ae8acb61d2a47985e3d2025e1eca29155b21e7d25df910ef24cdb72132ad812896c2d418868ddf6c002109ba456857b21fc04ffcc6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
6KB

MD5
194c418ad9201ed46ac09d9b6c04d23f

SHA1
bd2044a5d350870b09d797d58db1fbea7f7510c4

SHA256
bfd5c71f77aed8c37b476aea8b5aa6411d05baee35ba31cd3073bbe15186e1d2

SHA512
0ffaf43d05a3aa228a33d0351fdb195999c33bb7a225832a4c1791fe37a54f3068031e253a21591793ba7e5c24cadbb3fa5be5d0d0401aa6a099739af4c4de3b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe57eef4.TMP

Filesize
3KB

MD5
7de57330cf75ae1e79adf242b8f72727

SHA1
0549f190a4f289c9797e65e333de5830d7ce6c8e

SHA256
ef3f2fd6020bfa76671fbe19d5327bb3bebfe4b5447850a403470bb831d4f903

SHA512
f63913540614fbd61230b67b3ce7b3cfe407239b7c42bbae6c293ef278b0608b89a77c5f4778010125d1d7524e819cb846d47f807f6abe3d8ad6f36188f244ee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.90.1_0\_locales\en_US\messages.json

Filesize
1KB

MD5
578215fbb8c12cb7e6cd73fbd16ec994

SHA1
9471d71fa6d82ce1863b74e24237ad4fd9477187

SHA256
102b586b197ea7d6edfeb874b97f95b05d229ea6a92780ea8544c4ff1e6bc5b1

SHA512
e698b1a6a6ed6963182f7d25ac12c6de06c45d14499ddc91e81bdb35474e7ec9071cfebd869b7d129cb2cd127bc1442c75e408e21eb8e5e6906a607a3982b212

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.90.1_0\manifest.json

Filesize
2KB

MD5
ad6aacf2ae0008ce3f78d651fe7fba31

SHA1
44c260a2198694c4e1a433e842088585e8aff53b

SHA256
e8e311634917d45b4dea586db583d33b6fcdbc24ec03ab0e41d2366d119f93df

SHA512
216e5788d108b315fe40f9408f5fb5c094c25daed5747110ae87a60be1133c4755a7f04ddaec32f2609a60283f88c5798c2505cec7a214585d4be02a8f0f0141

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps

Filesize
107KB

MD5
40e2018187b61af5be8caf035fb72882

SHA1
72a0b7bcb454b6b727bf90da35879b3e9a70621e

SHA256
b3efd9d75856016510dd0bdb5e22359925cee7f2056b3cde6411c55ae8ae8ee5

SHA512
a21b8f3f7d646909d6aed605ad5823269f52fda1255aa9bb4d4643e165a7b11935572bf9e0a6a324874f99c20a6f3b6d1e457c7ccd30adcac83c15febc063d12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\devtools_devtools_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\devtools_devtools_0.indexeddb.leveldb\LOG

Filesize
383B

MD5
c6d1e7dfe10de00272d1431e5996c25e

SHA1
9aa8f00428e01cf02f4c3fc894f6cd9f773f8c2f

SHA256
472056397c4ca782599b8e840912285b484d7a9d7e88d1f6ef5b6cd0156bed2f

SHA512
19102e17170c3e4af9b9949af198d525263d6fd0b932d16e15706b599c9b4bda23de1e2f91989230c97ee768a6083283defd83f9e0cf03205e3bf57039b51017

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\devtools_devtools_0.indexeddb.leveldb\LOG

Filesize
383B

MD5
7ca6563c13aa87fa99cd38e56c04afcd

SHA1
aaa082a7e7015bd50ce09b75b021ac1eab095dc3

SHA256
a7430b790945388cdd18a7ef69d28ac3fa7c9497c3e468ab2a8c0ff08250c77e

SHA512
23b67b49a8757411f36ce31f50013e49228df6e8c3178fb695adb671cf731e69a0f19219fc5084c91e2209869dc73123b989f1639eb440d43d80ba69c5be8348

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\devtools_devtools_0.indexeddb.leveldb\LOG.old

Filesize
343B

MD5
e6783f55c6d0806c4a620b52204c6d30

SHA1
32302867e028f11d8efb069725bf337e699a7aa9

SHA256
dc7ac8acb18b45d61968d94fe2b9d7345dfeb93fb044450a57a63b7019815b0a

SHA512
13e1aab473931c66c57a0a19f84a8596a013f5b5243085ef6aa75ed305800711715eca4be2e81493cd24d0a376852471267a4502192cb6edd6e918a3ba314a95

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\devtools_devtools_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
f4bbd4057f18c15c5f9131c48f2cdcc7

SHA1
22c3346833cefbb7663c99887a84ae7ee25e8f4a

SHA256
e4a7d58c35ddf74c9eabe2eae519b4a54e81a2e008c655398a591c62240de4c9

SHA512
cdd9c4300e4f4f40e4727041f2e527541a6a35196abf25ff5802e5bcc2115dfaed5f44080de84cf68f6efd043555c2233cfd00540d26e138cc800beb1959ad14

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
477ff28d6893e036b6e9b8741ad5c50b

SHA1
819047a5e32bde2477efd8870ca31283e5e966f2

SHA256
3e87d8122b14da7cf23a4e125c5f12914805148750ed6553a13b36bd25300586

SHA512
197e79dec187abb4087c7afdce9d2343276d036029f2bb3bb4bc8ec4f4a57ed4626330b18dcffbc47d7be66cd995371708d47eb0a3e15454a7a2a75e36429cfa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
96000b0a30e66f6ab762f59ffaba13ef

SHA1
143911154d239c28490f5e86d639d731e33f8f3e

SHA256
3fee9dbc0a8e719bc1512d0a32ba9f682f230fddc374e815af91b63301485649

SHA512
d05c48524d6409c0798f09df657fa44df7b886b7e041a8c390b6df206b34e030082aac601bbcddd2416806c089a025967dedffd324a589d45b2a8690ed60c143

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
086297379d67d12e82f6cd14dc349247

SHA1
8f93d353df5de7d941121f01d9ea4bfa4dcae320

SHA256
34d9587bc4d90315204ee79b5cdb17bd49bc0304de3974f8dca3cb1bbef0bbd2

SHA512
bd9ccbcb8ee0f941667d6e97b1fcad7475ef941c799a7c6bd56d16080f74fe28f0bc682f1a40d186536019561f283a66c7b91eeb56692d417e32451319ce7ba3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
c527d835f813ca4bc1464b371667dbac

SHA1
7a05d0bbcbc3571d9f92ce5b7d254122bc2840ec

SHA256
3e1a6b34cdca1c788e09226404040b86bd4a7b26befe5f7cb6703ba57a19e399

SHA512
6987fdcec96fea41f0013d005db8a4648aa252279364d790263402cf30507b7629fb256ec8176e2c585dc328ecc17e645387019aefacdd5a5df5b043aa7478a3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

Filesize
211B

MD5
19a78443017889d86bbd8047f298ca7e

SHA1
02b921b674399f6d0abb051f6c774e4e167c75ce

SHA256
c02ff33809568d9c2b4f51f1006d499fa379908ed0b9a5acb6c1b196fcd54b8e

SHA512
77e42ed9bbcb46c299c97893bf3ebf9561c7c9b6b4188c2f6d72d518ff46a9e7f5f94d67da7147b57d7220450dcffe1bda97f4dd3fe75571ce447007fdbcd4e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

Filesize
40B

MD5
20d4b8fa017a12a108c87f540836e250

SHA1
1ac617fac131262b6d3ce1f52f5907e31d5f6f00

SHA256
6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

SHA512
507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
19KB

MD5
dec2c90836773d16bc3ae08ab4f0dc58

SHA1
25f6e72257f84afa623816a10c2555b630efedb6

SHA256
4e7f663f70c9733a16cf9b7877cfeadee620348310687d3e74f6c01b4224d84d

SHA512
5248f361c7cf961c4a6e1cc259c419e9db408f59abf1cdbe79d725eb9dfa8e52924a030e19f486785e71a696ec7588e19740a85b48cee441e43843bcc4d07ea1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
27KB

MD5
225d697f9de12445f23b575d6a719b89

SHA1
bbf28ac19ab2c6c4648e8c0e6630288f9c4d063d

SHA256
dbb56d5ec6f3326cc85db15378050c4838136944939e3f03d6552ddc8aa4f4bb

SHA512
d1f46310e85375c369ba4db45fed80505780752911b04024f828a1d0e60216d93a2a91ac7028546609612ec4e5efd9cca467e2b5848d6a341800914fa2f19346

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
28KB

MD5
439ab93206033334c751abaeb5048552

SHA1
7667822f92d4ad721dbe4d071d1d2b1254bafe54

SHA256
c9aeca633bb352b1efcfe7fa48a3188209987d71fa07bcbd75fad26f8a124ec0

SHA512
795b04b3ad0dceec3143f70abc449bfd65c4ae58c48d2d6f85ba4a8fdb0778ee6ec8cbec05d0229289f8ba5cedbd126fda2eae4cc52c96dc47fa37f498de0afa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
28KB

MD5
f467ac0f905b1611d06e5d6b53768910

SHA1
4fa0a13d52a1e415cfb2930683d82087e65016f2

SHA256
8fd958b0d0ff0c447c321c9d13c138ff149bbfb1b165472935f332d1eedac09f

SHA512
4bc8679f873ac351d83b5134176bffdb2663356545d38ea32058aa64302bcbfe6fc4cd8ef76791586e6dc1cafeaab47da819c1ad2e67523e3c580580b40343a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
423KB

MD5
6d58209f69da718a31f3888d8aceb95a

SHA1
c82eaf3546424a25eb14aff912da9ed242d18b40

SHA256
c1069c5405c2b9fd6c5949265321f09e1ea2bd490b2ec391182e79c339be6249

SHA512
c98711a2a08f27bf73b07a491f4cada0c7d89d22ab7d12aecd830ad6ab42bbbf3602d141279c41d6a7698808873ff653fa748595ba03f82ce0754fe206516fc6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
5c4fd433f3a3a1192da95dc228848615

SHA1
1cf53ad28351aa265f36ac7e60ff3be25e1d0869

SHA256
d07913341a1192d5bc9acca034b998a843dd887b46f0b031d944ca8191f0da8a

SHA512
d1a89ecb778baeccf39f3478299f54dcfdebe28399ea7234cfbf4a763126c4861a7949edbc3988196d06b462e12d52caa03332cd7e8d86fef13c7ab6c10ce479

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
28KB

MD5
f50b88e92ee4e87da6863105b64b3c88

SHA1
16f8c95b5f10b748888e7340b8738647f1bf2d78

SHA256
45ee81860d7dd5911220a8825a53726737d4013684c88a0a8b4bc476479964aa

SHA512
65d5ffa9192911d074122123c6700d183c991d3581b8a580286ab863b54d5cfe1acc85cd2b27e971ede9b7d3dab85e6af4f1ff6ea461faf1d68ac3511aacdb21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
423KB

MD5
c7e2d287b90ced1a7c8383e202aa7002

SHA1
c9e883e88ec27d2b3b6e59a3be92837c39404a92

SHA256
e531c6301b42091a94ee9a4e0596ba82146fd6f1d7afc1c7d993a9d56b37813b

SHA512
8b55fd11c58607a2e6bc560e1766291d4f5e4aba4d51dc7c520588e24f729b241a582f26a295dd331b8467c10d7c4d2ea4f9669ff958ebf3709fee01021d0f38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
424KB

MD5
cb02461fa0bc20d50eca8bc1cfcf7893

SHA1
bed1bbc4aa7ca4cbc9ffc98a4a42e9a03b7c36cc

SHA256
f7f0b7f96752553bfef94d6f383c5e74b033ae34bb6231172ff5788b82e0fa66

SHA512
c264f0af7e6a131fa0238c1362e77834d631d5b6e408b0584db3d52ae4bcae6363fc0637f1c096c9b22ac2b896915b3ebf07c7b94bb94114e1d96f61f74e43ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
27KB

MD5
bf61aa3c45f465a86ba2d49c27cc9736

SHA1
8f8b617b45c459751fd335359a9936cc917ff491

SHA256
bcefbad56ea75c589770e763b2f6c04786a2d142ebdf0d58ce321926f9d8d836

SHA512
03b52103d355bae2574caeaa6abb004dede9e1b4edd21e4c4c689c79841ce4248a26c3233cf8f1e2737d59274a3207441060149f9245d66b8a59a491267be9f6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
b31e6c71520f7c85ecd12878dc0d0902

SHA1
406d1a064a386b001e476a46c2f989296baf4550

SHA256
f458f79e2482869424c5d63aaa844f32aa19669070a94f088d22419f9676d76a

SHA512
f244a36c4cd477d7a9ea312c4c7ab67c30582948d92e0db33e111b647d9d3cf9e1802f87d3642ae0360b6b93cc317f8cfada5d70e8b19a4f6e8fab60f46a8659

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
37KB

MD5
1f360f4ef75dae2f93e1410f4cbbaf43

SHA1
c1d3a77a4c4b8f3ac71f2b1c046eda4ec2a5aedf

SHA256
f6a58dfce9bea762de85cf5defbada9c90cebfb2b332f9602fc8f05d86dcb9f8

SHA512
9b267534bce021220d13cf86b9b3bd17fa9067940ce145d988b0f4732cfb6eabe89ba3113e89ac2e99e1d5ca25893d89fac2fa66fd9b1b14f23e6c576692784d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\17224f1a-db97-45a1-ab22-90201088e1f2\index-dir\the-real-index

Filesize
72B

MD5
fa1cc5932bf5976f95916521df0e5a38

SHA1
0a0e3c16ec6889360751813f7b49753e9442d0f0

SHA256
bf5a0b0afe65b1161f4e7642cfe2ea6acdf075d3c60b2b9425295bcaead378b1

SHA512
36e5ec11049e70133fbedd10912cc4206b867a93286cf55250c52f44e1c7a870b333e35ef03e2414fb2834374905afad3a6c8134a90bea81907eb63ce946a7e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\17224f1a-db97-45a1-ab22-90201088e1f2\index-dir\the-real-index

Filesize
72B

MD5
5a13ab560414650c737abd25eeacb007

SHA1
4d574c8a824b066b680e19212ca5c210a5ac23f7

SHA256
5020f29d27088bcc951ec873267591017ff5108ca89248199017cf0ec685c059

SHA512
45a2157e04f104e63009cbe6c321bfd554eb6496c9f91d5f5d9f8cef3664c5fce17637cf14ea41119783fd0bd01b94a9b36bb33b2faa1d88030caf4e448e59a9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\28dacc6d-8082-4aba-9cb9-067408b474cf\index-dir\the-real-index

Filesize
1KB

MD5
ccc22c4a1b052bea208611eb21df6942

SHA1
68726b601f7a405af5f3b527827dfbc41af0e61b

SHA256
4883d67244bc7b37907b7a9eec8c0bcc4bae54ba6ae5ddac3debc2c187e22f41

SHA512
d2cd41f7320c5a205b41f5d6af49a977e50db5ae21cb8503e9a6a38d6ee49c43352864cf3680f82cf8b96fa7bd89b0c8c2ab0374347009a2bb63e382e867c410

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\28dacc6d-8082-4aba-9cb9-067408b474cf\index-dir\the-real-index

Filesize
2KB

MD5
3800b11ec432c494ed94f375c17c6b10

SHA1
0d209f9627dde6f22d558503c2337c42a285515d

SHA256
d7ca737709a501d006151ce3de5a5b052c5f33803598e871de2509bb8c5c32b2

SHA512
a419003a6717c8fe931a32227679c4874155a10879459800c54c60e1fe78509277ae9fa04fa067b04cc742ca5bdd0584cb9afee649238e6d8f0557706fad3c85

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\28dacc6d-8082-4aba-9cb9-067408b474cf\index-dir\the-real-index~RFe5c040f.TMP

Filesize
1KB

MD5
294555721e81c304398ae725019c770e

SHA1
730a46bb728c67f8f92839ad028f3939df26ed98

SHA256
c5a626049db5ab20b647dc9cff5e7c67d973b72bd099c04f5ad2e9420024f4c6

SHA512
e7eeb2cda818d0200d391651872244a7406f8024a6d8bbae3bb75db89a434c5a8840fa37b5872cb5fe712a11c7d6fbda00a0ad53dfecd074080342099270f8b3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt

Filesize
253B

MD5
47cb3c9ee7d68ff3d1babac92b942967

SHA1
3a3c0ecd01fdc92a3f56a85cb50a58652633e7cf

SHA256
2780601d4daa107ab341c70c042a6c83781d9989511be29f5ed5cc5fb5696d74

SHA512
25fa6df9d2ee8e4e8a7f59a18c8eb3e8bb66252dade6fae5bd570ea0054528c5f445a6fc7bb5a81de042fff977814f635515e687bde11cc519b1ce5f05fd572e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt

Filesize
253B

MD5
db86e7bef096bbfaa3bf90e38a32d613

SHA1
d99597be610cd16473a699af6c685920d98b5c81

SHA256
af48c5dbfe4a8b11c63bc010b20569a62a2e65342d684504b49547f38bdd54a0

SHA512
e2b7baef5eda3863f2cc1cf57ec7b28cf21998e555ae2ea4171eef83c10b653f3ea683a16ac3bd61367d30f3e2d87c85b8b5f1060ce519518382c1757e6c17d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
81a156a5edc0b6ef88793233abcba173

SHA1
60c7eba32e5b4d96f7fe11e52d02c52ebe6091a5

SHA256
bfe99d1c8e266a13658a442fc9f94f9a74b2bf284da4317c929f0ca7cdec8154

SHA512
dad4868112738456306885087f063515d385f2c7a163bff15baf6e22293d1f34b1ffaf4ea511cbfe1c7fa46c2612d566514b1a52fd131b55293126d50d4e68ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5d9211.TMP

Filesize
48B

MD5
10dfcf021977532c66dccccce4884757

SHA1
a81bdd0a10a824ffa72d852edce12cd3d423a3c1

SHA256
92449eef2f5ed0531c1f6d1ad9fdbcf9f9e0f602fcae5d8a419fd3d834e6027c

SHA512
4c1e3aa9f8d30f256531c4510e29fb6b179c4e62db0b0b5e8ba810d6bd9ccd077973d2a61e7c06fd132663fbfef72819fc64964abe9bd24b4cd2b84b4c7de723

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

Filesize
22KB

MD5
7ab78467e89d58466c7609ede45b5568

SHA1
66b79611a92a244a74c400c45fe97eef849a663c

SHA256
4300f443cdee069cd20636cb639e71ce1f7ece582968f6ae6420947eac70de16

SHA512
48602a52833bfe998784842704a67482c5b622b74d602ddb6772807aa177a47232dbc6acec38cc994f8ed60fa688ece32844cccf22a068d2c58f4981dc85488e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\EADPData Component\4.0.3.10\data.txt

Filesize
113KB

MD5
60beb7140ed66301648ef420cbaad02d

SHA1
7fac669b6758bb7b8e96e92a53569cf4360ab1aa

SHA256
95276c09f44b28100c0a21c161766eda784a983f019fc471290b1381e7ed9985

SHA512
6dfa4eca42aea86fba18bc4a3ab0eed87948ea1831e33d43426b3aca1816070ecb7fd024856ad571ca2734214a98cc55e413502b3deef2c4a101228a7377e9d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
23KB

MD5
7586406b2e70600f4c8bf568194b5c23

SHA1
1b83c12b9c1b846b9f47140a97cd83b557c7d7fe

SHA256
cae29cffd9676a8a7f2c1632cde5f1b6ecfb523f3bf4770a34d20bad21e8f4fa

SHA512
c34f7cd52bf33007df759e0b24810161996f6d70ba4bfb45e42a4fc2389470bc152ec370ab2eee78cf892f67d33a4db154f1567c23cb1535d6324ed45e7b21a9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
467B

MD5
9d63fb59115fc649538124b5a164a904

SHA1
8ff1dd4a9af4c557e819e8ffbd3f8e076327ca30

SHA256
6e32b536d97e183bce1b4a58860a01e6a3a91a89e414d3256a7045a83afe435c

SHA512
71267b1ab955296361e0ae369a36396d256bb368cec9a3fcb0117650c8da1fa44dc361f282bc3ccbbcfe0c98e041a85db05dedee8d6deeb07391d17d0f4e6ddd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
900B

MD5
faa30e69c6e0336ec2c3bbf92a4d3161

SHA1
ff52c20ad609e8628706c88eb290e2a48ca0cb9c

SHA256
0c075cce289695b5490e7ccb7a1ac9eb0fe9aeae5ec9ce46f503609c7938177a

SHA512
7ed3e5f5f2592cf8dc0f1927a7082f593957b58daf5b713b1b2c1e584b41f477d71287e432cadaf26b448cef2b97d397899e5895bd47607dbadf2969d20d17d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig

Filesize
19KB

MD5
41c1930548d8b99ff1dbb64ba7fecb3d

SHA1
d8acfeaf7c74e2b289be37687f886f50c01d4f2f

SHA256
16cee17a989167242dd7ee2755721e357dd23bcfcb61f5789cc19deafe7ca502

SHA512
a684d61324c71ac15f3a907788ab2150f61e7e2b2bf13ca08c14e9822b22336d0d45d9ff2a2a145aa7321d28d6b71408f9515131f8a1bd9f4927b105e6471b75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.1.31.0\edge_checkout_page_validator.js

Filesize
1.1MB

MD5
0e3ea2aa2bc4484c8aebb7e348d8e680

SHA1
55f802e1a00a6988236882ae02f455648ab54114

SHA256
25ffb085e470aa7214bf40777794de05bf2bb53254244a4c3a3025f40ce4cef7

SHA512
45b31d42be032766f5c275568723a170bb6bbf522f123a5fdc47e0c6f76933d2d3e14487668e772488847096c5e6a1f33920f1ee97bc586319a9005bacd65428

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\128.18346.18345.1\buynow_driver.js

Filesize
2KB

MD5
412352a121a62092628029e9b30158d8

SHA1
0021445df04bcd60cd83b670ce1863c42f1f4c11

SHA256
87339a1e25ccbbf120f294fd60333e292e1d631e785a9b205ed5beb0128c214f

SHA512
ffd266f1161ab996f38a6d0723e2cf96840b500cf2aa360f48b7953d448a5cd3a2fffa666d9be9c89dc4495497d5016f1199e6419a82bdf18fc99b8a8a4eb596

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\128.18346.18345.1\json\wallet\wallet-checkout-eligible-sites.json

Filesize
23KB

MD5
16d41ebc643fd34addf3704a3be1acdd

SHA1
b7fadc8afa56fbf4026b8c176112632c63be58a0

SHA256
b962497993e2cd24039474bc84be430f8f6e6ab0f52010e90351dc3ff259336c

SHA512
8d58aa30613a2376ccc729278d166a9b3ec87eca95544b9dec1ee9300e7dd987326ea42d05dca3f1cc08186685f2fdaf53c24fd2b756c1ed9f2b46436689dc74

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\128.18346.18345.1\json\wallet\wallet-notification-config.json

Filesize
804B

MD5
4cdefd9eb040c2755db20aa8ea5ee8f7

SHA1
f649fcd1c12c26fb90906c4c2ec0a9127af275f4

SHA256
bb26ce6fe9416918e9f92fcc4a6fe8a641eceea54985356637991cf6d768f9fd

SHA512
7e23b91eab88c472eec664f7254c5513fc5de78e2e0151b0bcc86c3cd0bf2cb5d8bb0345d27afdd9f8fcb10be96feaa753f09e301fa92b8d76f4300600577209

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\128.18346.18345.1\json\wallet\wallet-stable.json

Filesize
81KB

MD5
2e7d07dadfdac9adcabe5600fe21e3be

SHA1
d4601f65c6aa995132f4fce7b3854add5e7996a7

SHA256
56090563e8867339f38c025eafb152ffe40b9cfa53f2560c6f8d455511a2346a

SHA512
5cd1c818253e75cc02fccec46aeb34aeff95ea202aa48d4de527f4558c00e69e4cfd74d5cacfcf1bcd705fe6ff5287a74612ee69b5cc75f9428acfbdb4010593

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\128.18346.18345.1\json\wallet\wallet-tokenization-config.json

Filesize
34KB

MD5
ae3bd0f89f8a8cdeb1ea6eea1636cbdd

SHA1
1801bc211e260ba8f8099727ea820ecf636c684a

SHA256
0088d5ebd8360ad66bd7bcc80b9754939775d4118cb7605fc1f514c707f0e20d

SHA512
69aff97091813d9d400bb332426c36e6b133a4b571b521e8fb6ad1a2b8124a3c5da8f3a9c52b8840152cf7adbd2ac653102aa2210632aa64b129cf7704d5b4fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\128.18346.18345.1\wallet_donation_driver.js

Filesize
1KB

MD5
03abcce3f9828372d9876aa2e6fcdbb0

SHA1
cf5834e1af5f7143e62a29ae0f7ede79178b3574

SHA256
39a63d56be4f1ca950310f385e8a42f7bc2dcc0e49fefff306176182bfa4f0e5

SHA512
ef9b7decb4cfee3961006ea5c77299a48fe6a667475772f2a78e93bd4f691dc4700f8008138c574898fdcd8d717d84b8b201527ddb5a61346e05d362aeb15701

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
55KB

MD5
394cc32095806bf480457f3baf72d3fa

SHA1
ef25d167c4b3df644b79f7ba4a768da035741f5e

SHA256
b7ed1f6758e4a8caacf613c4808d2e43bccc098d66dd6f17cc5b29bab272da3f

SHA512
66cc5a47cad00a6f043461afe639cc7903725930f159cdadae5dfcd10c327afd9302270de25919624af0a2bd71a92489ef9785abb56319b4028e2e68901e64c5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
41KB

MD5
ba8d9de2b85493e511c0003f5650a9de

SHA1
140a0b10b59e610ecaad5e510fcd662da6f27d83

SHA256
93b632918200216d2752d5e52f1ef13f937a12ef5269ffe3a935a0ac75ab7e5e

SHA512
51c6fdb0884f3df9ad2710b621096463a9287c0dcedbace604d969a57d254b415129d8d129c390a7d47d3f47dde0b03ddc37f815c6a9b4ca56724630f909b5a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
41KB

MD5
53067d6edf14a271bac2fd16b6d93843

SHA1
59517b2a52ec82ed2f7671253b0473a3c93de6b0

SHA256
8d9662ded4093b01885c1875bb86f122023fc0228bcf297f063f541302de17cf

SHA512
f586c1b904b62166a25ba06359e38e60f7029db15f40c9a9961b414141b7c3e04df9b4fb0d3e27ae6dc76a8bd653b715aa226eadf846a15021d0aa790ffb0a64

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter

Filesize
392B

MD5
0e93ad2d6cf7cccc6d93d7fc96c6951e

SHA1
74b5d252c0c35875168349dcf0e1539b588b3506

SHA256
315db857a512ffcd86b7ee3477b867f1e92e24e576b89f1b44f96a0af44eef3a

SHA512
2e9d333abd0299774496405561673c18e54d5526b0048c88862b51a78ef990702d5da949cbfcf13ed244494dccf830d866284eddf815c6fcd58c01184fec2f35

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter

Filesize
392B

MD5
8558ac6ee6a9c371492f5f199a0a5310

SHA1
413c8792424559a01f3fd7ddda126b2080cd14b7

SHA256
a54adfb5a9d1408686571ee2bb52336bf088c09c5fa677608ff2d935f8e0bfdf

SHA512
d039f7c47367fcc5ee1a0e4561ade80a509b8f9cf45993f8a01bc5814b43b52cb4c5024dd64b4e50090c508e2697975739b267e005269030dcc7b453ba285dda

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter

Filesize
392B

MD5
00df385be86eb9063e5e6fc50aafed45

SHA1
6dfc2e6883d4dde4f342fb311b43ddc0e9533671

SHA256
a2f464dd9d1eaaaae966e9f46fb6de8402965fa076ff7c8f7229d8b4b51c97a0

SHA512
76c76280226b60f9228472ca66a70564039025102ec9597c2737ecbbc2f8d271c44059d69f1cb0f5e9ba08f59651b3344d7267936a26ef8b008d9d55cda7d22f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter

Filesize
392B

MD5
7d905adb9ee2b574abb299f765a1281a

SHA1
38273d9242b4d14d63e9f9b2fd494b8bbc77c91f

SHA256
8324f4dfd3ff29d68474abfdec2ace285af2169e727a75bb8d6357266965ac30

SHA512
1d55b84005e04476d42675739e8718887b866020d2a07ca278e9c4d80e45cbe56cfae85cd8cf19d7812b0cc22d83a1997f380f11aa72ea1ccc16e3eff7bceba4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter

Filesize
392B

MD5
75a94ab513741860faf20f8f3d9db702

SHA1
18a2ebab386516fe04e74b2cbdb3ee3f1613b9f6

SHA256
79ca0ff1f924d19a5126cb3a574a5e4cf96874cb5263682aa105ed14d0256757

SHA512
6209be3a3bb341c238fe452f8bee87b8d62130e7c3a5a142e1ee5eca79fb00733633915e3204784ae0367e2bfd6d5b8b9e5a93202bc6cf665aa02105bc451d42

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter

Filesize
392B

MD5
147efaa386aa05d67cc40b98bbadbcd0

SHA1
866ffd065f972c446c9bc82a84079d5a2ff44dd9

SHA256
b27d756b67bc4677a61dde68b211092d1e2673f6a58bea9962a42c6297fcd243

SHA512
c6f1f74202551e64d3b9c61e2cb47149a4991b3503be5f3647bc987fddfd46d08b86c7c70193123d1b31742271fe0b87dea57675f9d4073d5b29132246fc6e0c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter~RFe5bf2d8.TMP

Filesize
392B

MD5
0c1421e44d4475de5829fb5865f118ef

SHA1
865f2c6586e5c058740b7f0eb14b2438e94c2144

SHA256
11957bc0e4c7a2bc5d38b70cf8030f98aaf17744f17b301a45e6919644b0a948

SHA512
2701bb663370381c0edd4709b38950c43998d287970c211b96323bd73d9450f50e5e6688452c417714c4ccbbe419daecfd69436a649c209adc069bc45413331d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\TrustTokenKeyCommitments\2025.1.17.1\keys.json

Filesize
6KB

MD5
bef4f9f856321c6dccb47a61f605e823

SHA1
8e60af5b17ed70db0505d7e1647a8bc9f7612939

SHA256
fd1847df25032c4eef34e045ba0333f9bd3cb38c14344f1c01b48f61f0cfd5c5

SHA512
bdec3e243a6f39bfea4130c85b162ea00a4974c6057cd06a05348ac54517201bbf595fcc7c22a4ab2c16212c6009f58df7445c40c82722ab4fa1c8d49d39755c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Typosquatting\2025.4.1.1\typosquatting_list.pb

Filesize
629KB

MD5
55a53c39b452bb89a1f29665f03b078b

SHA1
3b7a93287d2fe88c6c06789a53773f2746f93b8d

SHA256
9097eadbd582b3067e59103b8792144f08c4cc016d07f5952423f35659ce3577

SHA512
2719f9f9ea0a064599c2ac99df9667cea431acfea04f77b9a1229d9b262ef3bfdfd9158a5f3407a2edae96e26f36ad9546b986eff0eed2b58e78cb0d901caddf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\extensions_crx_cache\ghbmnnjooekpmoecnnnilnnbdlolhkhi_1.fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

Filesize
152KB

MD5
dd9bf8448d3ddcfd067967f01e8bf6d7

SHA1
d7829475b2bd6a3baa8fabfaf39af57c6439b35e

SHA256
fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

SHA512
65347df34378c2bbb34417e2cccfb3251a0b2412422cc190eed9df525b6e0a9948e0295ea3c33b3ad873ce81e369e89a138ac41d6eb7229546c3269107e661de

Download Submit
C:\Users\Admin\AppData\Local\Temp\24a1a95b-a01d-4ae2-860a-76eaeccda9b2.tmp

Filesize
2.1MB

MD5
4cd67032e35fa92f5182df10df289906

SHA1
9210bfc66bd808ffcd7c6443e160dc8d6754c416

SHA256
efdad7555293ec2d14399c2c2fc9d07228de1f6e3746b27da621b76fe5ceea07

SHA512
f3d83f6e77e4568d2dae539c95acf0a886926a001b4d80f0ea602387530fc333f688ac031b3057e1c2b0375426cf47ae33315f7da9ffaec601102be0bb7221cd

Download Submit
C:\Users\Admin\AppData\Local\Temp\55feb690-55aa-4e66-910b-f24275352174.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir5612_660043396\CRX_INSTALL\128.png

Filesize
4KB

MD5
35696aba596d5b8619a558dd05b4ad40

SHA1
7ecc1dad332847b08c889cb35dda9d4bae85dea8

SHA256
75da533888189d13fc340d40637b9fc07a3f732e3fcf33ec300f4c7268790a62

SHA512
c32f20865f736b772844aaa44572369e7ae85b9f2f17f87d61694acc54487309a32bc4830ed8d9cee8b593babecf728c1ea33c2b9588649be0e4f1e6ed7ee753

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir5612_660043396\CRX_INSTALL\_locales\en_CA\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir5612_660043396\CRX_INSTALL\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir5612_660043396\CRX_INSTALL\manifest.fingerprint

Filesize
66B

MD5
015da6c5ba421643a8b70f607769bdcb

SHA1
3b0803a9c69a41be2a07d1c85fd0daa77b3e6fb8

SHA256
fcbe092bb1f107fdd3fcd5b611994c65db5818f11c76a63fd79a67db09c5cb72

SHA512
c57d19088f0b46a483b86246ad2090905308327ae86ec9815588291b0baf0e0af94f3aace885be4b94d0189fd672a4c8e512a188cb0e2bbb6d0dea46805c2f01

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
91674d6420e81e307f563c366689959a

SHA1
bf4e023dd125eb1f9ce1aac5521acceba70c6210

SHA256
ace1f1d593d1b6a8a71e032d8510f88f1bf10311eeddf8f80736010cb828eef1

SHA512
4a3858e543894b219c5f2280d7a6fb9b452351ca8852a1461be03337a32a227bb4351d7f897d702731ca99c6f59fe1dba46afcbf7aff59762630051b90a7a963

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
8KB

MD5
970dbfa0b7a728e38b53cbca2d7558e1

SHA1
653b91d7145831d32edb229797d1a1b96221d3f7

SHA256
1dc69def7727fe1a05a59f3eeb5dab7287ccb85b4c7ca3dcc20eb6201699f353

SHA512
177674fff57b564252fa33531d38d2936a859ba2adb57f26ad11e980f06c339f8c912e8a1b34ac9e9a600e1a02e8179d9cfc654b2a3499aa4465c2fbe19acf73

Download Submit
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_1118344133\manifest.json

Filesize
117B

MD5
e31c8b67612fbaf01c993b51e826da4e

SHA1
65309f2bd6f45fabe9e75b842356853e2e6aea1d

SHA256
3c443e01a86ae358f8dc0533383061fb1319d754f8b7085271430adc0ff262e2

SHA512
de109a3df5856dfc35e3c79eba355d24fc7f459e7dd58aca0f7b65188f5e52eb9b056c64007c7788befdc7045a9e5f4f70665bf55701f52a263d0fc95bb8c2d6

Download Submit
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_1577698354\manifest.json

Filesize
53B

MD5
22b68a088a69906d96dc6d47246880d2

SHA1
06491f3fd9c4903ac64980f8d655b79082545f82

SHA256
94be212fe6bcf42d4b13fabd22da97d6a7ef8fdf28739989aba90a7cf181ac88

SHA512
8c755fdc617fa3a196e048e222a2562622f43362b8ef60c047e540e997153a446a448e55e062b14ed4d0adce7230df643a1bd0b06a702dc1e6f78e2553aadfff

Download Submit
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_165656480\manifest.json

Filesize
134B

MD5
049c307f30407da557545d34db8ced16

SHA1
f10b86ebfe8d30d0dc36210939ca7fa7a819d494

SHA256
c36944790c4a1fa2f2acec5f7809a4d6689ecb7fb3b2f19c831c9adb4e17fc54

SHA512
14f04e768956bdd9634f6a172104f2b630e2eeada2f73b9a249be2ec707f4a47ff60f2f700005ca95addd838db9438ad560e5136a10ed32df1d304d65f445780

Download Submit
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_2059972971\manifest.json

Filesize
85B

MD5
c3419069a1c30140b77045aba38f12cf

SHA1
11920f0c1e55cadc7d2893d1eebb268b3459762a

SHA256
db9a702209807ba039871e542e8356219f342a8d9c9ca34bcd9a86727f4a3a0f

SHA512
c5e95a4e9f5919cb14f4127539c4353a55c5f68062bf6f95e1843b6690cebed3c93170badb2412b7fb9f109a620385b0ae74783227d6813f26ff8c29074758a1

Download Submit
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_230225440\LICENSE

Filesize
1KB

MD5
ee002cb9e51bb8dfa89640a406a1090a

SHA1
49ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2

SHA256
3dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b

SHA512
d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c

Download Submit
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_230225440\manifest.json

Filesize
79B

MD5
7f4b594a35d631af0e37fea02df71e72

SHA1
f7bc71621ea0c176ca1ab0a3c9fe52dbca116f57

SHA256
530882d7f535ae57a4906ca735b119c9e36480cbb780c7e8ad37c9c8fdf3d9b1

SHA512
bf3f92f5023f0fbad88526d919252a98db6d167e9ca3e15b94f7d71ded38a2cfb0409f57ef24708284ddd965bda2d3207cd99c008b1c9c8c93705fd66ac86360

Download Submit
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_444112065\manifest.json

Filesize
145B

MD5
465cc76a28cc5543a0d845a8e8dd58fa

SHA1
adbe272f254fd8b218fcc7c8da716072ea29d8ba

SHA256
e75fb1fa1692e9720166872afe6d015e4f99d4e8725463e950889a55c4c35bb9

SHA512
a00286cd50d908883a48f675d6291881ad8809dcae5aca55d5d581e6d93a66058e1fe9e626852bf16e5bb0c693a088a69d9876ccac288181b1f74254bf1da1a2

Download Submit
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_50022258\manifest.json

Filesize
119B

MD5
cb10c4ca2266e0cce5fefdcb2f0c1998

SHA1
8f5528079c05f4173978db7b596cc16f6b7592af

SHA256
82dff3cc4e595de91dc73802ac803c5d5e7ab33024bdc118f00a4431dd529713

SHA512
7c690c8d36227bb27183bacaf80a161b4084e5ad61759b559b19c2cdfb9c0814ad0030d42736285ee8e6132164d69f5becdcf83ac142a42879aa54a60c6d201b

Download Submit
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_702329154\manifest.json

Filesize
176B

MD5
6607494855f7b5c0348eecd49ef7ce46

SHA1
2c844dd9ea648efec08776757bc376b5a6f9eb71

SHA256
37c30639ea04878b9407aecbcea4848b033e4548d5023ce5105ea79cab2c68dd

SHA512
8cb60725d958291b9a78c293992768cb03ff53ab942637e62eb6f17d80e0864c56a9c8ccafbc28246e9ce1fdb248e8d071d76764bcaf0243397d0f0a62b4d09a

Download Submit
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\Notification\notification_fast.bundle.js.LICENSE.txt

Filesize
551B

MD5
7bf61e84e614585030a26b0b148f4d79

SHA1
c4ffbc5c6aa599e578d3f5524a59a99228eea400

SHA256
38ed54eb53300fdb6e997c39c9fc83a224a1fd9fa06a0b6d200aa12ea278c179

SHA512
ca5f2d3a4f200371927c265b9fb91b8bcd0fbad711559f796f77b695b9038638f763a040024ed185e67be3a7b58fab22a6f8114e73fdbd1cccdda6ef94ff88f3

Download Submit
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\Tokenized-Card\tokenized-card.bundle.js.LICENSE.txt

Filesize
1KB

MD5
8595bdd96ab7d24cc60eb749ce1b8b82

SHA1
3b612cc3d05e372c5ac91124f3756bbf099b378d

SHA256
363f376ab7893c808866a830fafbcd96ae6be93ec7a85fabf52246273cf56831

SHA512
555c0c384b6fcfc2311b47c0b07f8e34243de528cf1891e74546b6f4cda338d75c2e2392827372dc39e668ed4c2fd1a02112d8136d2364f9cab9ee4fa1bd87f5

Download Submit
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\json\i18n-tokenized-card\fr-CA\strings.json

Filesize
2KB

MD5
cd247582beb274ca64f720aa588ffbc0

SHA1
4aaeef0905e67b490d4a9508ed5d4a406263ed9c

SHA256
c67b555372582b07df86a6ce3329a854e349ba9525d7be0672517bab0ac14db5

SHA512
bf8fa4bd7c84038fae9eddb483ae4a31d847d5d47b408b3ea84d46d564f15dfc2bae6256eac4a852dd1c4ad8e58bc542e3df30396be05f30ed07e489ebe52895

Download Submit
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_70648861\manifest.json

Filesize
121B

MD5
16f004af39a3675a73f5c15f6182a293

SHA1
e7027edbadfd881e03d8a592ae661a985fd89cd7

SHA256
4e5ef1851bc910ceeb59a63bb53725cf5d8149feff9483e960b54cc26fdc419b

SHA512
8ef0d80259b5a38424676918f07238a76c527b643267008999dc3b2cff5c93e29ae85cbf0605f0d0b4f880fd6ae96254ebd30e5b80097eea95f5d27b5d461ff6

Download Submit
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5612_708255198\manifest.json

Filesize
1003B

MD5
578c9dbc62724b9d481ec9484a347b37

SHA1
a6f5a3884fd37b7f04f93147f9498c11ed5c2c2d

SHA256
005a2386e5da2e6a5975f1180fe9b325da57c61c0b4f1b853b8bcf66ec98f0a0

SHA512
2060eb35fb0015926915f603c8e1742b448a21c5a794f9ec2bebd04e170184c60a31cee0682f4fd48b65cff6ade70befd77ba0446cc42d6fe1de68d93b8ea640

Download Submit