hxxps://store[.]workshoprating[.]com/sharedfiles/filedetails/id=3031476653

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20250314-en
resource tags

arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
submitted
04/04/2025, 01:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://store.workshoprating.com/sharedfiles/filedetails/id=3031476653

Score

5^/10

steam discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand STEAM. 1 IoCs

phishing steam

flow	pid	Process
167	2396	msedge.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\sr\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\pt_BR\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\ca\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\is\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\offscreendocument_main.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\ja\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\uk\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\iw\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\kk\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\sw\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\fr\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\128.png	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\si\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\mn\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\service_worker_bin_prod.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\es_419\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\km\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\ro\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\ko\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\gl\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\te\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\da\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\ta\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\zh_CN\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\pa\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\it\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\ru\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\hy\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\af\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\en_US\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\lo\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\kn\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\sl\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\zu\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2564_1512406170\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2564_653172260\_metadata\verified_contents.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\no\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\fil\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\en_CA\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2564_1512406170\protocols.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2564_653172260\sets.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\mr\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\th\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\bg\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\zh_HK\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\lt\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\hi\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\gu\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2564_653172260\manifest.fingerprint	msedge.exe
File created	C:\Program Files\msedge_url_fetcher_5008_1071149856\GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_90_1_0.crx	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\offscreendocument.html	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\fi\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\ka\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\zh_TW\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\cs\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\fa\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\es\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\manifest.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\am\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\vi\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\ne\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\page_embed_script.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\pt_PT\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5008_1869853567\_locales\hr\messages.json	msedge.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Checks SCSI registry key(s) 3 TTPs 4 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000	chrome.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\ConfigFlags	chrome.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000	chrome.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags	chrome.exe

Checks processor information in registry 2 TTPs 6 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	msedge.exe

Enumerates system info in registry 2 TTPs 9 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 4 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133882025024709317"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	msedge.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 5 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3342763580-2723508992-2885672917-1000\{7D0F3A57-18A7-4CF1-B160-E66DAD9DB32D}	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3342763580-2723508992-2885672917-1000\{E4B99F05-FEF6-400E-A61C-2351DA531F84}	chrome.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3342763580-2723508992-2885672917-1000\{383D2C0D-D260-44DF-9AA3-1D9FDB7A08AB}	msedge.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3424	chrome.exe
3424	chrome.exe
2564	msedge.exe
2564	msedge.exe
3424	chrome.exe
3424	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe

Suspicious use of FindShellTrayWindow 52 IoCs

pid	Process
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe

Suspicious use of SendNotifyMessage 48 IoCs

pid	Process
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5008 wrote to memory of 3612	5008	msedge.exe	86
PID 5008 wrote to memory of 3612	5008	msedge.exe	86
PID 5008 wrote to memory of 2396	5008	msedge.exe	87
PID 5008 wrote to memory of 2396	5008	msedge.exe	87
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 4476	5008	msedge.exe	88
PID 5008 wrote to memory of 920	5008	msedge.exe	89
PID 5008 wrote to memory of 920	5008	msedge.exe	89
PID 5008 wrote to memory of 920	5008	msedge.exe	89
PID 5008 wrote to memory of 920	5008	msedge.exe	89
PID 5008 wrote to memory of 920	5008	msedge.exe	89
PID 5008 wrote to memory of 920	5008	msedge.exe	89
PID 5008 wrote to memory of 920	5008	msedge.exe	89
PID 5008 wrote to memory of 920	5008	msedge.exe	89
PID 5008 wrote to memory of 920	5008	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://store.workshoprating.com/sharedfiles/filedetails/id=3031476653
1⤵
- Drops file in Program Files directory
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x23c,0x240,0x244,0x238,0x260,0x7fff15e2f208,0x7fff15e2f214,0x7fff15e2f220
  2⤵
  PID:3612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1852,i,3807275883318575923,17363030926882544543,262144 --variations-seed-version --mojo-platform-channel-handle=2248 /prefetch:3
  2⤵
  - Detected potential entity reuse from brand STEAM.
  PID:2396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2168,i,3807275883318575923,17363030926882544543,262144 --variations-seed-version --mojo-platform-channel-handle=2156 /prefetch:2
  2⤵
  PID:4476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2500,i,3807275883318575923,17363030926882544543,262144 --variations-seed-version --mojo-platform-channel-handle=2516 /prefetch:8
  2⤵
  PID:920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3496,i,3807275883318575923,17363030926882544543,262144 --variations-seed-version --mojo-platform-channel-handle=3568 /prefetch:1
  2⤵
  PID:5104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3504,i,3807275883318575923,17363030926882544543,262144 --variations-seed-version --mojo-platform-channel-handle=3640 /prefetch:1
  2⤵
  PID:4584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3500,i,3807275883318575923,17363030926882544543,262144 --variations-seed-version --mojo-platform-channel-handle=3488 /prefetch:8
  2⤵
  PID:1712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4972,i,3807275883318575923,17363030926882544543,262144 --variations-seed-version --mojo-platform-channel-handle=5052 /prefetch:8
  2⤵
  PID:3660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5524,i,3807275883318575923,17363030926882544543,262144 --variations-seed-version --mojo-platform-channel-handle=5528 /prefetch:8
  2⤵
  PID:5320
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5856,i,3807275883318575923,17363030926882544543,262144 --variations-seed-version --mojo-platform-channel-handle=5880 /prefetch:8
  2⤵
  PID:5856
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5856,i,3807275883318575923,17363030926882544543,262144 --variations-seed-version --mojo-platform-channel-handle=5880 /prefetch:8
  2⤵
  PID:5064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6076,i,3807275883318575923,17363030926882544543,262144 --variations-seed-version --mojo-platform-channel-handle=6088 /prefetch:8
  2⤵
  PID:5000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6084,i,3807275883318575923,17363030926882544543,262144 --variations-seed-version --mojo-platform-channel-handle=6064 /prefetch:8
  2⤵
  PID:5520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6156,i,3807275883318575923,17363030926882544543,262144 --variations-seed-version --mojo-platform-channel-handle=5852 /prefetch:8
  2⤵
  PID:5516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4340,i,3807275883318575923,17363030926882544543,262144 --variations-seed-version --mojo-platform-channel-handle=6192 /prefetch:8
  2⤵
  PID:5520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3440,i,3807275883318575923,17363030926882544543,262144 --variations-seed-version --mojo-platform-channel-handle=6256 /prefetch:8
  2⤵
  PID:3620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --always-read-main-dll --field-trial-handle=5040,i,3807275883318575923,17363030926882544543,262144 --variations-seed-version --mojo-platform-channel-handle=1992 /prefetch:1
  2⤵
  PID:6104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
  2⤵
  - Drops file in Program Files directory
  - Checks processor information in registry
  - Enumerates system info in registry
  - Modifies data under HKEY_USERS
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:2564
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x23c,0x240,0x244,0x238,0x264,0x7fff15e2f208,0x7fff15e2f214,0x7fff15e2f220
    3⤵
    PID:3740
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1724,i,6288087245013545523,1744222253107812003,262144 --variations-seed-version --mojo-platform-channel-handle=2200 /prefetch:3
    3⤵
    PID:3104
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2172,i,6288087245013545523,1744222253107812003,262144 --variations-seed-version --mojo-platform-channel-handle=2168 /prefetch:2
    3⤵
    PID:5620
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=1420,i,6288087245013545523,1744222253107812003,262144 --variations-seed-version --mojo-platform-channel-handle=2708 /prefetch:8
    3⤵
    PID:5788
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4384,i,6288087245013545523,1744222253107812003,262144 --variations-seed-version --mojo-platform-channel-handle=4248 /prefetch:8
    3⤵
    PID:4724
- - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4576,i,6288087245013545523,1744222253107812003,262144 --variations-seed-version --mojo-platform-channel-handle=4600 /prefetch:8
    3⤵
    PID:5896
- - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4576,i,6288087245013545523,1744222253107812003,262144 --variations-seed-version --mojo-platform-channel-handle=4600 /prefetch:8
    3⤵
    PID:2648
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4452,i,6288087245013545523,1744222253107812003,262144 --variations-seed-version --mojo-platform-channel-handle=4456 /prefetch:8
    3⤵
    PID:3940
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4516,i,6288087245013545523,1744222253107812003,262144 --variations-seed-version --mojo-platform-channel-handle=1072 /prefetch:8
    3⤵
    PID:5076
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4492,i,6288087245013545523,1744222253107812003,262144 --variations-seed-version --mojo-platform-channel-handle=4532 /prefetch:8
    3⤵
    PID:2828
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4856,i,6288087245013545523,1744222253107812003,262144 --variations-seed-version --mojo-platform-channel-handle=4880 /prefetch:8
    3⤵
    PID:2388
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4852,i,6288087245013545523,1744222253107812003,262144 --variations-seed-version --mojo-platform-channel-handle=4860 /prefetch:8
    3⤵
    PID:2376

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:616

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
1⤵
PID:1208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
  2⤵
  PID:4144

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:4864

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Checks SCSI registry key(s)
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:3424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffef4eedcf8,0x7ffef4eedd04,0x7ffef4eedd10
  2⤵
  PID:1464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1984,i,376278273874753187,11821097343666200832,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=1976 /prefetch:2
  2⤵
  PID:5712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=1628,i,376278273874753187,11821097343666200832,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=2292 /prefetch:3
  2⤵
  PID:5672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2432,i,376278273874753187,11821097343666200832,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=2592 /prefetch:8
  2⤵
  PID:4292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3256,i,376278273874753187,11821097343666200832,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:1736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3312,i,376278273874753187,11821097343666200832,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:2348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4452,i,376278273874753187,11821097343666200832,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4480 /prefetch:2
  2⤵
  PID:4032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4648,i,376278273874753187,11821097343666200832,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4772 /prefetch:1
  2⤵
  PID:5508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5360,i,376278273874753187,11821097343666200832,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5372 /prefetch:8
  2⤵
  PID:5656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5564,i,376278273874753187,11821097343666200832,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5580 /prefetch:8
  2⤵
  PID:5896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5720,i,376278273874753187,11821097343666200832,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5772 /prefetch:1
  2⤵
  PID:1696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=4904,i,376278273874753187,11821097343666200832,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=2800 /prefetch:8
  2⤵
  PID:5328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=3264,i,376278273874753187,11821097343666200832,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3544 /prefetch:8
  2⤵
  PID:4472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=2800,i,376278273874753187,11821097343666200832,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5576 /prefetch:8
  2⤵
  PID:212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=3536,i,376278273874753187,11821097343666200832,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3636 /prefetch:8
  2⤵
  PID:3448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3548,i,376278273874753187,11821097343666200832,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3716 /prefetch:1
  2⤵
  PID:708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=3308,i,376278273874753187,11821097343666200832,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5960 /prefetch:1
  2⤵
  PID:2080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5576,i,376278273874753187,11821097343666200832,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3596 /prefetch:8
  2⤵
  - Modifies registry class
  PID:6016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5444,i,376278273874753187,11821097343666200832,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3284 /prefetch:8
  2⤵
  PID:3080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6296,i,376278273874753187,11821097343666200832,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=864 /prefetch:8
  2⤵
  PID:2040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=3688,i,376278273874753187,11821097343666200832,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6348 /prefetch:8
  2⤵
  PID:1976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6312,i,376278273874753187,11821097343666200832,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6396 /prefetch:8
  2⤵
  PID:4584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=4652,i,376278273874753187,11821097343666200832,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4548 /prefetch:2
  2⤵
  PID:5036

C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
1⤵
PID:2828

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3480

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x318 0x498
1⤵
PID:1284

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\chrome_Unpacker_BeginUnzipping2564_1512406170\manifest.fingerprint

Filesize
66B

MD5
496b05677135db1c74d82f948538c21c

SHA1
e736e675ca5195b5fc16e59fb7de582437fb9f9a

SHA256
df55a9464ee22a0f860c0f3b4a75ec62471d37b4d8cb7a0e460eef98cb83ebe7

SHA512
8bd1b683e24a8c8c03b0bc041288296448f799a6f431bacbd62cb33e621672991141c7151d9424ad60ab65a7a6a30298243b8b71d281f9e99b8abb79fe16bd3c

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping2564_1512406170\manifest.json

Filesize
134B

MD5
049c307f30407da557545d34db8ced16

SHA1
f10b86ebfe8d30d0dc36210939ca7fa7a819d494

SHA256
c36944790c4a1fa2f2acec5f7809a4d6689ecb7fb3b2f19c831c9adb4e17fc54

SHA512
14f04e768956bdd9634f6a172104f2b630e2eeada2f73b9a249be2ec707f4a47ff60f2f700005ca95addd838db9438ad560e5136a10ed32df1d304d65f445780

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping2564_653172260\manifest.json

Filesize
85B

MD5
c3419069a1c30140b77045aba38f12cf

SHA1
11920f0c1e55cadc7d2893d1eebb268b3459762a

SHA256
db9a702209807ba039871e542e8356219f342a8d9c9ca34bcd9a86727f4a3a0f

SHA512
c5e95a4e9f5919cb14f4127539c4353a55c5f68062bf6f95e1843b6690cebed3c93170badb2412b7fb9f109a620385b0ae74783227d6813f26ff8c29074758a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
1ff4dae77d88afdde9d0a50083ac1c95

SHA1
3a7bd62183c19e1b5169fba9c392be8a618fce58

SHA256
70cca2af9b82a0528cddfccfae0ffffc625b76337343609bafa86864f51db7d2

SHA512
52ea2aca530ffab75071d2e70915ff1002ae0ab0357d9c4b6f8669158acb736d3eda1b8f488a592aabd4e5d6850275e27a95653e3284f82e42cfbd0a7341835d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
9accf84c770f4f46c0319113707bd7ae

SHA1
4cb2fb346d54110b94e1bb3d7de43343c18c33c0

SHA256
9a2e45dcb6a8952f5bca7b9e8aafcc9d7b003c8fa970acc26e7307300401b75d

SHA512
a3d9b2f72858ea056c5de8284aa57ba00165f5dc556d442434c49618043ccce586c5b7a3f53a0720275fa1ac225f704a2aa442bda1121d5eba64eb4453b02a7c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.90.1_0\_locales\en\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.90.1_0\_locales\en_US\messages.json

Filesize
1KB

MD5
578215fbb8c12cb7e6cd73fbd16ec994

SHA1
9471d71fa6d82ce1863b74e24237ad4fd9477187

SHA256
102b586b197ea7d6edfeb874b97f95b05d229ea6a92780ea8544c4ff1e6bc5b1

SHA512
e698b1a6a6ed6963182f7d25ac12c6de06c45d14499ddc91e81bdb35474e7ec9071cfebd869b7d129cb2cd127bc1442c75e408e21eb8e5e6906a607a3982b212

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
ba09a771360470c45b414512174f6125

SHA1
874507152f9ebac26889b307d26867195b24f863

SHA256
f07178c589c20efd00134084897a5337da97034abc936b1b377ecd1ec2d5402e

SHA512
186c76ccaa636256126a35f27a617f7eaae58c5129a1a207649e316498f2ef7accb1db5428ef8a04c3456837ccd0a4404cee20e8128995eaca7c2de61f7e6c3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
6036ba19004ba9e8140f099b3b23f7bf

SHA1
98453c31ee1283b23c46d1a3525fc014b1c9058b

SHA256
6d605ad7ac20566cd2fbb00e270e950adf12b99a14759c178f68d3feaca6c98a

SHA512
7499d1cd44cb052536254bf24fcaa636bcc3889594e315b08ce67c70bc163e02093ea9ded237faf5835aaecce393c14e72b52a4d5251a8b1520a9a393b79d8e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
adfb0893c9185a160768f0d89b8fb46a

SHA1
dda7126ecd52ad000948ad45e0e69d6f7f317f62

SHA256
e9df8932094f48b082b277c3390ab21cb372eda2f2d92ea283bc6cfbe0b6f8dc

SHA512
31e516d8c57de73146368b8867e6f48b0460aea3414a7142949b8d6fb93f3d5f5325dbe341a27c352f230dc526677be03e8b8248dcf78aed88821852d9b8b3c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
e2e034d94dfe1c5bf4f8cae1b05fdd9a

SHA1
f55af7d63cb3971d79b461adebfeac414e79e0cd

SHA256
34577723fefc1baab60fe80597840597bc9bb574bcf629e0430307397ef638e9

SHA512
c5ea5016401a1bae14fdc512f32abd8dac4df4856b9dd7a4015a39f2114956875e2f5b8df52592d6126715ca410d7ae3508e6e9ac6bba08452f6ee3b0fd468d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
8034b2e5830ccf7535276557bd7f8efc

SHA1
386001fb48341482c9ebf56588e4d5fc070cbf1c

SHA256
366d61c64c78df10e8898f0e19527b313bda50a2323d07c0ed92f9dee6353201

SHA512
31dba3bb62afcdac1b8b506e61f28c3c97998751b5883fc46f68fb5f7b0a6c95b936576a9c5030a030ef976d2a436fa4fa3e6f185a5299ee0447c823a12661ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
18KB

MD5
9575dfe61e5cd92781101ed673e08f20

SHA1
8e14b2cd2c67587ee586ce7b1afb5bd74d6837db

SHA256
412e3b4582f3311c8cf2742a978cdc23673d0991c3675adb17f7209ded1ee161

SHA512
51ed10af26a6af1627917a473a82321a81a1a2ada4566062d554d332db638472ca4770216290c53bdc2e1a42fbb793860e7485d51c386140d65db6fdc1f70845

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
20bdd0cec6a961cb1ae50d847585dcfb

SHA1
2ecff84a7069ea924bda6be58d54547324161f70

SHA256
5354f275edd4906de4ae5776602ab6cf911a8a0800324574cfc05d72a7fb7106

SHA512
39fa98b3c22a58b4f1640fca274205386282505980337ee3555b5782ed94a378831099858383cd0aa9e7dbec9fe9a85026dffbafef33e159b4775b2f2eff8275

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
1640662d5489bebfe7f02ac5207fe3bf

SHA1
b89a0aa511734a68c5f0b77dddb2d772438a612f

SHA256
55e3c4df97e28e01e5ec58b48a2f59244da522f318e5bea9872565a47e4ee662

SHA512
b312d59c1dedf04d380a270507540bac21869f924d17f4fa46c8cf1ab82463bac4a92923f6f5550b91ea3d76e9a4853840c626736ed530d63530b34783013b38

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
6703cce109949a6952a2f8577cd74e96

SHA1
aeb687850f7714f9225547a3cfde7a3d1ec15291

SHA256
cfb725c7336b6ad768fbc06afc9ae3741932b520bd6b8c5cc8e6e8dd7e3ce82a

SHA512
bac474d7078ed0b4b728247a156f41e84cf2ee48a41072f77ade7e0ad96d93831d74a2fdc95daa2217b8d512bbb4902711374419b13b896f3f12461fe2cfdb64

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe587431.TMP

Filesize
48B

MD5
13921103d56a9deff6c936acecc79463

SHA1
890f0974406b78cd80e66a8a6f70f4de7bbb41ed

SHA256
35e61c5c21683d6c46bd83badaf35b0f3ea8451beffef05c7a6745b8b9f14cc6

SHA512
3cc9c4f1b0cd16988e9bdcdcd7c4d092e90862d75a5f012bd50fc88a61aa64684c501860282b731a2010b47778090fce0232acaac99d631b2dc050904d35d831

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\IndexedDB\indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
80KB

MD5
a5cd1bd7d75bc35b5b5311a815dc73d9

SHA1
b6ad4d18a98589f3556b29f30f42ff8194bb1a3f

SHA256
52ef568a5bed2fe1d39b2f38009e287aba8f14cf2ae21e4fedc908e0599560b4

SHA512
33c66439b0a8c738204e1370ee71ba69ca4590805f10e6dd141635a425fa76f4634712a6164b1a205149875c0a744c6786230fc7d24921f5d7eedef618915e5f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
152KB

MD5
2c39039359f01b20160dd6cb14d4473c

SHA1
c5b41d5f044ed74a1143432ca478e93875b63ed8

SHA256
4019cbd542d9db8584aa34ca6a884ccce917d1a7c866e7aa85f7ac08c1f64731

SHA512
6d12b8c0c70a83e2af9eb6a6af3e73f60cbf65094d63663ca9a0047d8df5a5a16eeafb40e7ea25ed27b942521d8116d38a6c0b15b0384eae704111d9ba8e4782

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
152KB

MD5
262df5f319d55a0d520a4fa308fe2ebd

SHA1
cee8b27b14d041f7c8f3121d0c6b70e9181cfcfd

SHA256
2fa0f0c89bea0217ecf65b23c0005a39f355fe52acc91078c172df0c90a07b6d

SHA512
ccef353da682d4cce4c33280d136ad11251e2918f35220bd806fa8b2d1424049aa479f7132ae62eec58b98f1e5acd16d9303173996feff7fbdaa8610c051736b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\27be08ed-3d35-4b98-86c4-676ab191e1be.tmp

Filesize
392B

MD5
748a7c3cf2ebb34af34fde2d3cd93426

SHA1
74e7c6dd450cbfa15adb3e449c66e16282269d16

SHA256
3f8d0b7efe6bd67792f41f7e25258e3360fb4f67a0621735f35c82adde8bc887

SHA512
4f1f5ac4cf4b6c67ebc9ad39fa1652c63877c26bdb7add240ed0e6b8e78de8525836c0abcb837d703c55ac7038ba0a958fd8eb1aaec110a86507b25982eeb99f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\AutoLaunchProtocolsComponent\1.0.0.9\protocols.json

Filesize
3KB

MD5
f9fd82b572ef4ce41a3d1075acc52d22

SHA1
fdded5eef95391be440cc15f84ded0480c0141e3

SHA256
5f21978e992a53ebd9c138cb5391c481def7769e3525c586a8a94f276b3cd8d6

SHA512
17084cc74462310a608355fbeafa8b51f295fb5fd067dfc641e752e69b1ee4ffba0e9eafa263aab67daab780b9b6be370dd3b54dd4ba8426ab499e50ff5c7339

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
df2d1721cd4e4eff7049314710dc7c11

SHA1
f5aed0158b2c0a00302f743841188881d811637a

SHA256
ba336ffd1b01965d7ab0e5fac5415e43cb594139c76b19e4c0d9b5b3b67c1e93

SHA512
11fd520176193f284563c7d050e6a7ab4e9895bac49fdc05759bab2c8a69f224858ccc784b351fc1d3ee5d39345430f9234623c9390978d7daf6a08ff5576ef4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
e61eb5f2f28c08fc13017d2619cbd8ee

SHA1
a477f0027afcc208ac09800fadc723a5fd4b77a6

SHA256
a4f15be985049920256da76ec19f0b012c12bdd66433ed66a333f9e487323d04

SHA512
0129dd8da797a2185d7a1c3e3e0cca8431b09e65c169a6cd7a34401d06a0e6a8640d596a60391f1f8662935fcbbb3fd4c8fb07bb8b8770a824130413f7c00a40

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
a1703c1a0c1e6ce5be09f988c288c748

SHA1
0e73a200ffaed5cc9f1ad7157b72de494fdb253c

SHA256
9c6dfe60e6e6abf10b7e1f17820f951c285fff9d4727d3fed899e89f00547bb7

SHA512
1950cc1662184d90ff9135b027d8fe2513303a0d8d90133fcc3f7baa27b6965c65250e52aab79497fa883a7804f3a2a63a9fb64a3e073eff490d8dd5d7ebd292

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
dbdab041d662960bd90ff85cc5d39bd1

SHA1
da66881f9b82ab29ec2c2f5aea3132646ab5abe8

SHA256
84b1f58f475fcf8e5e7ab8d2157ad07cb5b6a10a0f9bce46dd582be136331e8e

SHA512
38d19bd63264498a88c3a4e9f5a34bebde1ff104efd52c25ca152a6ab154eb4db0ac13feb0de72345975f91da7ca3a46acf5b23357ab176e2c2cc01fd0b2ea14

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_1

Filesize
520KB

MD5
c258b8f4dbf3dc8820bf9e2acc1bc4c9

SHA1
c9a218dc1355958af8939d9dfd6303d420a9d1e9

SHA256
585c46f0b84ddf6c43287e52b61471e11ba5872871aec130ba7175efd0d8ae62

SHA512
3f439c5e5f9582193d120a259dff95f66234b176ea19991172f052894ac894c02addf6446ecc3793adb5d97cdec44dcd24d3ef1e0018ab251d8f591a377a6222

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
149923c5206668c44b745d1cec12282a

SHA1
1e303af785292b78449c15ef43d2cbcb3e0a7ce6

SHA256
5879063bf6616f707c6b60eb6c2abe338dbcd1ba98e7141d9b5f05d3d2b72ad3

SHA512
e60fc229995050fed106c018df527bc036d8b422b24b761f815035a768fb855a2a4d9bffa6fed28df81d0dbee8649dc1a611cce2621ef8e1ccff05ad76ad5b65

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_3

Filesize
8.0MB

MD5
d6327edf38d271a18b2aebccaa86e578

SHA1
9e5e9b391e35a2fb306f781bc633d07d3cc1fee8

SHA256
398a1a9720244a4aa6e6a3dcede7504c0e11b09abad18a6a5e65a291c35ae5a6

SHA512
1b029569d4ff071591ffb70372f30a8470cc198eeb5125b8e77dcf05b2949f5a74ecebce9f27b5f55c67b4c3bfef489d79685faded1b535397dbff8b77a5eab1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000076

Filesize
19KB

MD5
5e5ae2374ea57ea153558afd1c2c1372

SHA1
c1bef73c5b67c8866a607e3b8912ffa532d85ccc

SHA256
1ef458d087e95119808d5e5fecbc9604d7805ea4da98170e2c995e967da308f3

SHA512
46059e4a334e0a5295ebcef8401eb94b8fa0971b200f0f9e788ed61edae5018c917efd30b01631cbd6bdadc5240c9fcad2966ea0aa9c94b538bcc369e10bbbaf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000077

Filesize
191KB

MD5
eaebb390ddb3b1c0e07904f935d29bd9

SHA1
dca8da5b24b1b18b3c8dbc2523f5d145fd4dae13

SHA256
9478515162e79256323883a5092b39e0045dc8213d7dcf7be5dcc1ec5b70e9e4

SHA512
e2dae28c4661b3bb65b3811803a9396e1c9b16eb187b60f2d4d1a8cc65e2ad6ce0931a48e942b5d920bdc263ea939b9164b649edc3752e83daabef9366a186e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000078

Filesize
19KB

MD5
dacc8dbe89b45adb7293fb3bf9082595

SHA1
c359705668f9a5f6508f1f3d40742cdd98c404d4

SHA256
409909829326955596ccfb7505a8b0a39a315e7bdb6410115a83ea342303ca63

SHA512
3baef65f057e22049cb11bcf1202eb33627293ff0782c5f8c54fc88b3555f977878643ac4bf871dee32c4e094f253644f6c662ab810e9f34ff39d4efdea8a988

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000079

Filesize
18KB

MD5
0b13fd4947e9e69e03058aba0ce209b2

SHA1
720335383d4c5057eb6aa32977b99e2847161c80

SHA256
f2513ab830b8d8293ec5f3025dc86b8b53771775f2f4466a7da0663f5f1806dc

SHA512
45ce1a5d07f12fcd95483e13110caa9dac47901a6808308453f4cd05ba208e6823518b537c67f88b34f60889ed9a1ea32f5f7696d419d973dc740bdd86b5ac1b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007a

Filesize
23KB

MD5
94cd237a74496e453977cc1511df6542

SHA1
4fd3d876aa492fcfaeb7a2e5dc181c316b992f02

SHA256
0301dd0509c99ecfcf2e641db3f0ecc23ffb53a0acded6bc80b7197d6827dcb6

SHA512
033e8f60a5be9af01c3246dd240e82281b1cff25f2e990d1771a68df26d348ebe2c4d4cc2c30ea4274e8377d71c5fcb1d32d518558f9d0382ed1616a2f7d3c52

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007b

Filesize
27KB

MD5
1b426a95ceb50d255df9458733818c61

SHA1
7af69a7e2c5bd92650e794942d9398614b502fc9

SHA256
8b37c74dad1ba4db120faeffbdb3fe0c405bf9d8b2b488b81332cd564f88ac1b

SHA512
40f9d2c1f86474a951b5dffea502b2366b2cca4276dba18183f36b33ce9b72557020a7de2f0f467da7b2063445807c3724bb43b4a069d98e7b2b17c832d289b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007d

Filesize
32KB

MD5
ad6a2101f96364c2d3ee3c271b3964c0

SHA1
1e26ed208a7aa4f2f5740cef06feb2c13d719938

SHA256
f579e2672bb674ccbca8b5393432b3e19ae0bd162e812f8d59e15467a993ab67

SHA512
09cf9880c1dff13410e0537b6ea6f9f346315ca1dd3858f90a00bb01d541513e42af9a175887bfe414090ca612fdc8fc407bea3e7e2950d50f40a97ef2cbf66d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007e

Filesize
36KB

MD5
333b68b9dc9add6ef154bd6042845a85

SHA1
e82ec6a736a50c363b69bbf0fef82a2149a4d271

SHA256
b56281c0475a059fd6400732a1b4c65f5d4884f201dcdf8dab910cc298214ba7

SHA512
0aa96ac23c2503f95cfa60db48d4a6225a64be7233cccf5bb77685497ee9ddda056f533034ac8a4eaad886aad94f866cb4fde992f08776252dc5ccc6e49c324a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007f

Filesize
43KB

MD5
64eaf97f84a6d97380029e8db3a6634d

SHA1
9717e79ecf6489c5809a4e58225581cde1759fac

SHA256
6f624220f7793d2bb2dc59fa20cdb617d4461ba78ff9a4a8d3f4d18645b7d012

SHA512
25eb8e22c521b18815706d6c8d3390261da05b1aa5dae19d70641cdf22888e21f0b1b4bb738df81d182e7b41723f7768148cb2262b654640c757c8dbb437b8a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000080

Filesize
19KB

MD5
35f660fa9ff79a5fec98f722e149bd3a

SHA1
ca12da2f4ade701299a25b22389a2ffc86ec18e7

SHA256
732df9abfc7c09813e56dc1d1f033468a14c5aa37ac6da8b9934c664a5ec6f78

SHA512
b4f7840028308a83dd5b7a4641476d384cad58d1fe18cd44cb57b45dc224e94322244e43e74dcef458855ea29ab967e9fa66bbf983a4c0fca1ef9617c27c31a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000081

Filesize
250KB

MD5
26ef0a1057e495fa1c1319554708747e

SHA1
2145fd6296c520d5a7c5fd29f9eee199eddd9360

SHA256
35d5755178417338e92e55d792b96464bd17868613d6c3361cd2a4f68bef5267

SHA512
25c052a5ec8ddb46b7a79a8f0d85a48b1f436fd5e90ce546bceee5fb5f7b18e92eefec5f0a235bf16dfe3c40f2519796a2397733c18611884480fd00f280b485

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000082

Filesize
263KB

MD5
aa1d2cffb1bf6342f80daf5dd90134c6

SHA1
82865d44ced26fe7ed3d651ee6ea5d854f4a6ffc

SHA256
27f56752644dc9a3df28d82799b0f8b056096fbe651d8b75e18eb65569d591de

SHA512
4758e87b3c9346319a9c137e17d05f50cd1ae5850640f09c55b7e83e159409a7199b60dfd67d392a2af58ac7862298c69068cef7cd0ec95e7cb2146418fa0c61

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000083

Filesize
121KB

MD5
2d64caa5ecbf5e42cbb766ca4d85e90e

SHA1
147420abceb4a7fd7e486dddcfe68cda7ebb3a18

SHA256
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

SHA512
c96556ec57dac504919e806c7df536c4f86892b8525739289b2f2dbbf475de883a4824069dbdd4bb1770dd484f321563a00892e6c79d48818a4b95406bf1af96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000084

Filesize
119KB

MD5
57613e143ff3dae10f282e84a066de28

SHA1
88756cc8c6db645b5f20aa17b14feefb4411c25f

SHA256
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

SHA512
94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000085

Filesize
395KB

MD5
4aa576f478099f817245a06dabc5ae16

SHA1
330b6b5d0535a9b592dafad8c408d3e0fb086bef

SHA256
7403964cb8537f7640eee7c568a8752e7168cbd41752651df11f458f54883fc0

SHA512
6aad5a6c212d31dc3972393d522fcdacd8665fe6e76f80e701a3da87410876b042db7cdb71c97d9d556ba36b959b5ab6a2c8fa89962c79c5a30e5c53c97f801e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000086

Filesize
88KB

MD5
ea44c7146b187520606675bd98f2cda2

SHA1
e28fd71ebbd2a0181e2c9ff29a8a77b56cfd311a

SHA256
a3eef15b805b57ac3c180194a74df33011abbbecaf8a1572b75e6af00a98e824

SHA512
3025cc4eb7bd911aa657113117fc4d6026fbd86ecec52b19418ec823e8e192571294c282b9139fd31bd4283d40168cb7250318a2280539a01f2234a1478daced

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000087

Filesize
52KB

MD5
6aa3bfab2234a77d962c6b5f891cf3c2

SHA1
5e92d359db6725ba9dde547a27769fd3659cff35

SHA256
06e1e9d9623c34ea8afccb7d53c7e3a4468c0f923e185a45d2e9989d6b6a8154

SHA512
51b40e6c6f935e8c923d025777c9a983236ff648b5339a7394ca7f7632e5f7bf54142a883998893f938a958553b0bbe3161da580136a040173ff18271844c7bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000088

Filesize
28KB

MD5
dc5f24e2cd90d85ea042104e144c5e2e

SHA1
f7ed1a56df72b8bd68db8a075137b913978eb9dd

SHA256
41ed51c0c70a9b928767691fc63ee5f9c6bd2a0a014ca740b3251fe4722aad28

SHA512
05968fa47acb292e9ef53fe0d8439fa9876d301f6bb1842b8904200bebf093f16e67976b8772f1a647eed5e614870ef9cc40520d7feed9a00f64d0c88567bc4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000089

Filesize
120KB

MD5
6168553bef8c73ba623d6fe16b25e3e9

SHA1
4a31273b6f37f1f39b855edd0b764ec1b7b051e0

SHA256
d5692b785e18340807d75f1a969595bc8b1c408fb6fd63947775705e6d6baa66

SHA512
0246cee85a88068ca348694d38e63d46c753b03afadf8be76eca18d21e3de77b495215ed2384d62658a391104f9e00df8605edb77339366df332c75691928efb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008a

Filesize
494KB

MD5
ef7afc45fb8bc2f3e9fc3ad1fdc241c4

SHA1
5f629a040849350a866c0f3037cdf2a5c9f25818

SHA256
2d6d8b3b41c47b2b4a572b069ca8ffb2768758f543579b37d3dc896e07ebcb33

SHA512
f005acb3da8f7f69bfebf2e0a23d5fd3d6eb25c8856e4682e70455ad11c268acf1b8e2e403ded56bcf53969f88eaf48eddb5166ed25e62c82a3ba37d2ada345b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008b

Filesize
48KB

MD5
e01588d3d4b6b5692122a37e0008bb3a

SHA1
6f86b51da0af8a7c2aa8c9bd10d82afeb93871a1

SHA256
8b73c52249d78b99b1f7c3d9e7a5a698b58b62093fdfb8ace6707fd097084473

SHA512
c0adabc171040553b497faf97e43a1b373e83a435754f12fb82685b19d5834503f4bee28fcee9c215c0f22b6cd4c735717df23b7c21dd560462893c25d35b758

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008c

Filesize
524KB

MD5
03ece34a31c26508365b50aa86eae3d5

SHA1
1869d2b881f898a16e9f3df03050d5555b534cff

SHA256
8f4b572c4abca75c5369a9550bc67d6ee4083d5c91aa8fe610af08bc38690b24

SHA512
7da9041087902a91b9c675acd1f856daf1fb4c89991ca9d3831e9d75f1e53e9eefbb68fa3deb6f30dbb80cbbb0c42cc95d32ea812627ea694ce14c3664e546b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008d

Filesize
76KB

MD5
5c60385fb1326fcc526a6a50fce2aa25

SHA1
0970f295d982dbb15c2a7de853af6d69af9853ee

SHA256
4517f8c9a48fc8efc4c9d2fbe17bfd5e8a445d7f1de3de6c6837bd1b93a9825e

SHA512
3f85a5bd784fb60b0ad8a0bb55193cb75ec10e0c973403010371fb5f00a6986b203ada4bd1bdccf2019bf2c6c4416aaf333b2041a3e7d4076ad2822f7d7865b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008e

Filesize
60KB

MD5
7af2f3a23212213b1bb7f819cb43987a

SHA1
51ea620cdcf7902507af9a88056d641e69521940

SHA256
72fb674ee864c878f315bd3aac4cd476d98902077dcd218a252e7ab62547be1d

SHA512
470203df9f448abd5507236f4caed2672265c85314bccb6b762df951534e66af42d46d389c76a5bc90af0ec0acbf5aeb8cda35dabe5a121370d6f4d47f6b53eb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008f

Filesize
271KB

MD5
7ce82bcf95de805e12c1d3a15a15f5f5

SHA1
4255039bc0488a162c735bbd0025d3b5fc0b12b4

SHA256
7e13fe0619ea552a6968fa2421f50c4bc61bfe807149f5e5da4704d085973b14

SHA512
9194ca66a45126c76206e1854b2fdc859aeda4e6d9d79316d46dc33c63ab04d335a5e84e661bc771c77d0e3cda5bd0fa94c91b696807ac61c2622cf0edcf30bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000090

Filesize
29KB

MD5
af01d66cbf236dfe528fb6fea134e0bc

SHA1
feca6dd4f7687b2e71c583b18b48a976df95496b

SHA256
6b6e9c8f12e5a2da4121b1b28445ef7c85e1677414ac81b4a3629d2cddb9369b

SHA512
7489602346bb94c223e097debe74ec34bdcabfccc67fdc30268777d801f557dff182de25e23b4715b18d307538c576ae3e125676e812d2ea46c18a7c7b4971c6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000091

Filesize
419KB

MD5
b100fa97cd38c308203b3dadf8dd4a08

SHA1
d95fa43338bd13b02a94d8fb88ab613ea714e87d

SHA256
d6421930a1c785662bd4504bb7d46fa8d1feeb017f1d2b82b2610064f98dee20

SHA512
aee0e72357ba8b875088aca9f2b7b017f8550158dcf3a9e1cdc7abd4b3b4538d612ed7deb44cb3a79f78dac1079172118c91daa7e0bafb66184fac4635a7f039

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000092

Filesize
19KB

MD5
99af5da82ee74e7d9502225446604614

SHA1
7deff05853fbf1528875f9c358b8a6a31d6dee5e

SHA256
031fe7ea42e0a823949190f13ab143f1d9d26fb0b22d863b582593a37cbcda9d

SHA512
7d2cec0882df88edbb4789fc14c7721f6dca5681c85919ee1f033d5cb2324f9c1305707bbc4c534e0019a2b163291edf4bd65c374e843d75174589e7148aab07

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000093

Filesize
24KB

MD5
644df470e63a02afb32a053a23d7502e

SHA1
d42d853675ba656fb9953071cf42f4da0a772b09

SHA256
547ba291bb16ebb655f2ff2c5ab046e08964e73c145ee417374ab975ddb5d190

SHA512
77e58c36322db5b60cc85443c52ce8a717848af215a00b555399cdb6da249eea987d77ac3100a35e8f38dec95ccf64012a75f96f95bd8188da735d2af62a5475

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000094

Filesize
32KB

MD5
31b05e57c066452d73ab005bb42865f7

SHA1
2a8efd5d7753dd756c539ad66831b01f603fb13c

SHA256
84d0be622ddeef6d0793df5d274965d6d13a756979b4b484185dc7a051eb4071

SHA512
f793863cec23493b58311d37720fe7d48e21c92da5cbc9c5d4562e47a046e33be4584d58a1c031513298c55a9c33f5e591fd5ce831c9c33af9c2594bb071c277

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000095

Filesize
36KB

MD5
21f4955f4e7a07d5cae4a46fc74ab263

SHA1
3e3e25ca71bb03ce2c9b2a495b346b9653568b1d

SHA256
0870954849b1ccc0e6a9754cfbd3ce33f791cde77156d1f84519713ac47c37c5

SHA512
ec857db1522f15d6b769dc775550eb0023e27c080de45f6c091bae25b8524ed17fba0ca84af38459bb1d772bf479327b031e5ef677d3eb7f65c703c03fc70b84

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
e30fe44da2e51c28eaeb9d7849b970fb

SHA1
ad2ebd57cb3f4edb95804e95d9d2eef4da17f125

SHA256
60d0e40507d022b4ad71379b6b81a80516f6017c38ae51eb09dc463db0f718b0

SHA512
f5d4f684eda4b150b5b5e9c957e05d21c79cbba6882977e806d3ac15b17c40a4750c4db9d6c1e47c6839ccff90c76c7b03f8d5217357d1d1414d18bd044e2558

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe58052b.TMP

Filesize
3KB

MD5
c976073651d921a3f49a798310fe2454

SHA1
0c24a2d1a6ebb660ccbc27761737efde77c24788

SHA256
607d89a18092369e09dba2fe9c2e258be4024d618ed18befbb260a241304600c

SHA512
90a5801bc1fd982b847b535334e31b9fe8c092d78a4b3dac4dfa9e1e64aed350184231f1156941fddc1940e02d43b91ba5c1bb8f18ad6acfc46b79463827fc0e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DawnGraphiteCache\data_1

Filesize
264KB

MD5
ecdceb217985bbca8abde32d3656e68e

SHA1
89e209b0d539e3df410287b2a1f57d7bf449f097

SHA256
394deac4403ec7adab3e3c71ac320c3720b9879c2a4e8be95402fa308467a88f

SHA512
794ca0ce75519b5e6bfdd1b57b015fba9b2dd3ad85de293482431ed7c66a64fe1228f94e30eda31ca82e95f185b62f79448392d860430b6dd3ad320829ead44a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

Filesize
128KB

MD5
046ebc8a82317ae1da576c6959ecbd2f

SHA1
5645b3e9fb97e9921ed26eae1ec4f25999485b2b

SHA256
cb7c0cf9111d5c08570a5dacf7489495f5108218cc482576ce47b7bb17e38f3e

SHA512
8ebb3dc886fe2868e7095709a35ed9b06be67a4db203f4d6785dc4e2daf1e03a28078c052839cefd0bf3e8dfd3e79cc7b646094fbb3f7395d14fca78890ec193

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

Filesize
192KB

MD5
818236ae8e5fc147ba45f7d387ea24a0

SHA1
a0cb8d0c749d3322575e8c224baaa617abad8fde

SHA256
0b2df7b1bbacf5d8a18941841b2ed79ab55b66718c94ef036c5696b0880534e4

SHA512
d18ec3b025d835351ddefe9b616f247649c54ae9eac6cedea3e7c0ecc35cbe4e5dec5e088ddbf4270a25eaebb9c268a24e70e3abf0fe5321db70639ab01e5999

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps

Filesize
107KB

MD5
2b66d93c82a06797cdfd9df96a09e74a

SHA1
5f7eb526ee8a0c519b5d86c845fea8afd15b0c28

SHA256
d4c064db769b3c109da2ed80a53fbab00987c17421a47921e41e213781d67954

SHA512
95e45c0aea0e704be5f512dffaae377d4abef78da99b3bca769264d69be20f2570daf2f47905645217e1b2696e42b101f26149219f148b4d6dd97a6c2868b6f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
f6782cec415a054d3cca94aa8d268e84

SHA1
ff00f95b5e4a011e2b2d144344a92e2d1228906a

SHA256
c91194dc7532a410984c5a378d2c4ef897b4b8820b687eb676d10a9fbae3b0fd

SHA512
55342bd330488e590458a9efd5e4ada5a908b7051d58f4f32e9709112a38e607c850bfc0c88d444ae086bc98825da042b69270ee5eb44e904c7f929d43f2380c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

Filesize
40B

MD5
20d4b8fa017a12a108c87f540836e250

SHA1
1ac617fac131262b6d3ce1f52f5907e31d5f6f00

SHA256
6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

SHA512
507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
19KB

MD5
516855f1c5fdb23808f278da76ab2756

SHA1
375bf1681b9212c49c3fa1ae0b4067630de3c197

SHA256
63064f142126f0950d5cad5a4b81e3aefb1e110e7021bab758a482ed38e49e27

SHA512
b4f4303166a9289579902bce4f948db6258d832e93392ac636b047a90254859298b9dcf8b2903e31fe9ebeeec369a7959c98a617b0bb19da0c5f20d17128547b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
18KB

MD5
66c03d6fc700207af078b7d6993c16b5

SHA1
8bfd196f341fae3ccd04138d7a7c390e79525039

SHA256
561afc241063c0d4f6017719342680b095c346bc2f71ffc2d273ab6c28b5e243

SHA512
1a629831b41933a8335abf3cf88a9f20145fcfc644ac62fc06f2ae0ba3e3f18db8587f2cb52ef7b5ba358155cee3fce95d31979e3ae3666c1029e063daeb1301

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
61019d8b7ad4cd2942d7ad44c2017645

SHA1
add841fc1ff50cf6187f52ae4e5808f3a98b6188

SHA256
64e0bc3e11adb294f4abe533506739175a8f98001614e8cd215d3da009125015

SHA512
40d52b04a62e4f7c8d9c0f51f52cabeb55f269a3d1869d88e3ddd371f166f06c06c947ea0da9f4f77088a75ee3f048fb54893cd858c5a7316a9485aba425c56d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
36KB

MD5
6cf64f87f38422854f91e9ddca27b521

SHA1
053f822d358570b6c7aa95b4c5a5e81ced995a09

SHA256
2b7142457764feff13040e2f02f0c794d9b8e302c89a6e6ff3d7683ab9b5c4d6

SHA512
c7017a3896fd62afdb9264322b7cea863196264f58e68502eeb2d155a08b19ec71cd5a0f6fc38e5914e48e9f994f8c90b1eef62724e8b23841c28e963849821f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG

Filesize
335B

MD5
b51d1969f833075fb1faecfaa382b05a

SHA1
ea66df85e391a3d58cefc0274b5d717c6fd601a9

SHA256
909842056c06c5a8823d75c4ee428bab0924e3a5ce1fe1f0d3b6f44adc7f8c53

SHA512
e161597d40d5f8b79d50740d7bd34cba9af0ca7914a7189528cb5925bde931f5ce27614e7d13b5a099ed4c15e3a43ccb5740e9e76811ad94f7cfb280df8bdf2f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

Filesize
347B

MD5
af588496fc4df50513abd9f0c68be39b

SHA1
8639a9cf3141764b3c6784638848967dcb7aaaf0

SHA256
ebcfa9a1ff1263780694453f522eb688f8d3afb5a21c8a9e4b53b7ac55a2f25d

SHA512
8bd230250cb9b396cd3b728a07c156b9aacda8e80ae5a18d19eb58d27c0b25996e8f2244eab56e4a63a20b4474684d891ae975836a655408fb987c7af30af9e0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

Filesize
323B

MD5
639338c731899642ecd620778a0cf188

SHA1
5f4af174538077ed04991ab175ff41aa942a9eea

SHA256
c629e2372553c873110a88ed35029bcf9bc646a9184e475f301ee09fac9b8500

SHA512
595f5dc22570b514b5d6bf6af6bb895469d846adbe19abdf98bcb835221b0808d8673e688d90c96a36c06804e1aeab38eb847033eceb8042ed53289cbd343c94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

Filesize
22KB

MD5
9c7b63e3d4e1fd4eef214002c0617bc7

SHA1
82fd46d3d5414095cfdf922e61ad344ad6279cd4

SHA256
e162858fbcc75417a9fbfb2437db819debc0bb65d2e47172553caa89f32bba8f

SHA512
b4a7efeb47a72018cff10da1834f99ba541d3c7303e1d188f060dd76ccb0399413bda80fe1a7c998571ee102780dfef10c3e63c83d59973ccdecfdd0c79f7f94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

Filesize
128KB

MD5
a95c76543ee90a221b86272c47baa8cf

SHA1
982f7260c8c6e4bdccae1fcac9a6d624d5502911

SHA256
97a4694ef5b41990f3fc83135acb9ade0606e263654dd4d984eba6a187e75699

SHA512
4c43c246c4a9d1065af58c9aeec6580d364f856b12531416b3b183b15f1f0d4a1f29abbeee62ac55ff02c52d9aeb96cb787369a326a60446f28e7abb3792b26a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\d8a70384-9dd2-4ec6-a649-3b699a1a765f.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
892B

MD5
947ad35aa4fb3f04df3f0931a3102e58

SHA1
8795467c98c83d603a7b3466245edef1cbf7c5d2

SHA256
1183d9243ca5ea90a5ea41154a49848ce48a84fc27b1fe41d467f87a7ca07c4a

SHA512
7e827ad39f62c4dc20ca7ce02e4619e6610e966b89e5dccb3caf469afecffc1507cff5402bd73652191da9b486ccba4b42d65bfc5d3c4e891b8b54bc1fe7a2ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
463B

MD5
19b024af6b06b67c910993b7c51dca0a

SHA1
605dd84fc6f38162e8b71610c5410f0f240c9b04

SHA256
1b0a8ba22db7cf03297a3d66365d26efee798c3984825875cdbace3cd409c74d

SHA512
da21b3f910105ccc7f3538c4f1d4e345c9b32f7ed0b69f74b2f62689c116d8d7a8da38ed76b4e6783ca330ea0d80167f706ad4d8e40f1a6a814ac09b8a550d4a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
23KB

MD5
0b18840a3623166531cf8a8e85d1b6f4

SHA1
40cd8325f51062ae4fa6eba8f509bc00776c9582

SHA256
0e69618fee59327b9eaaa31fccceb5bc42603472baafea0f5cf6159460e8aeb9

SHA512
687c33cb4eb54b383c7b8913e84517db21e90df1528dbf7cdcd9d5ab93d109d866ede4361b4bee89f2ae720d22a2b467c0b089e9718e029ec9740ccc45303b78

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig

Filesize
19KB

MD5
41c1930548d8b99ff1dbb64ba7fecb3d

SHA1
d8acfeaf7c74e2b289be37687f886f50c01d4f2f

SHA256
16cee17a989167242dd7ee2755721e357dd23bcfcb61f5789cc19deafe7ca502

SHA512
a684d61324c71ac15f3a907788ab2150f61e7e2b2bf13ca08c14e9822b22336d0d45d9ff2a2a145aa7321d28d6b71408f9515131f8a1bd9f4927b105e6471b75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

Filesize
13B

MD5
3e45022839c8def44fd96e24f29a9f4b

SHA1
c798352b5a0860f8edfd5c1589cf6e5842c5c226

SHA256
01a3e5d854762d8fdd01b235ce536fde31bf9a6be0596c295e3cea9aaf40f3dd

SHA512
2888982860091421f89f3d7444cacccb1938ef70fc084d3028d8a29021e6e1d83eaef62108eace2f0d590ed41ece0e443d8b564e9c9a860fc48d766edb1dc3d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
54KB

MD5
de3837b5402acf5d6bafc448d578e53b

SHA1
f1feafac148f785676652c9a1c2fe09068c2499e

SHA256
c0fdebb2f5c65b5b36d2130066a56d95bcf3ceb469bf372a9f412c8c8782a2e8

SHA512
06f8ca225b1b06b37e3371ffc933c1d8cdc8026be9bdee9a3dfa6a3fc00cc2fe7102c24938ec1f1383dab4171197960f3515aa80ba8ce91a9948b1a85fb7567d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
56KB

MD5
ac49639cd88573b7bcadfdecc559dbd6

SHA1
e1974b35a4251deb1f5ab4a7a63a42bad26cb000

SHA256
e0c1b5b70ea26584316e8f036fb1420a76c4edb5a1b45be5f458b3982356fa84

SHA512
42688ea72758b090a94029c7fa24b04051bfd01a1fab1350950428bc42515a18736b830e54a77dc20e47d887b1bf24a2d495d9f9f990f4729d4309f940b10a0b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
50KB

MD5
8b4be13084ea7b38124f36c16b0ebfb0

SHA1
aec2605ca013936d125029c4497b76abb82321a8

SHA256
ed4ba6ec53b9ab5de7470aa53cea15c5bfb93d9a53e0f9bb606232b5bcc859a4

SHA512
38dee2507f5a58b0b3f6ae85c7b3c89351270218376d396d61b53727ff90d3d9d7a896d20673b05df3c6b1f900f0eadf3e561d37d8424017514a991a93155f9f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
56KB

MD5
981738499326caff0c4148cf0539d1b3

SHA1
04854152d6bda239e59690fda0ae2e5e3b40b995

SHA256
e9887cb0159bfdccc3198d5c8809cc787a8ed8b5da7bda111cd5979c5449af8b

SHA512
69498cb5fe0ad223a0f704248c873f1cb20ffba6eff1235aa3ac3eeb7aea87e75b99acbad1f24262a31fdba7319449579ae0ba82352b87a6965db6adf04b37ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
41KB

MD5
952cb150329dc328e2b1118d53aaeb56

SHA1
3b7a720a00ab2eaf61b60557035c447e37e745bd

SHA256
4724fdd23e9a03fb825a2706f046de4921bfa5080ba6c20c636f1d698221fb32

SHA512
cff8dd77836331f55da6f277e8ab56f008c269444f1335035b2355e499d67d88cd0d5fc36bd3367fea61eaafa269eed694dcd877420697d8faffbf013ddc7dfb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
40KB

MD5
a86ae172282264489ab8071136732b1e

SHA1
a175a51f2dc336c54f3c26e2f48787fa872be16f

SHA256
4d683c88616d61966c317d9447de56b3f3e7bac4c64605a93b93fddab28f0639

SHA512
8b093363e9b12dd07757a7c40ed9f64208476b955a2ec36ca7bde3533143301c8de08a3e9dcd8765c04939793daf232551e10376a43aefe3406448fe148fca54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter~RFe57f721.TMP

Filesize
392B

MD5
c426bbff6c31dade28291d7bb558bb82

SHA1
28ddb0985d35c51c6f4ef798577370e2d944110b

SHA256
e515b9e09722f8c4567951bc3c4df85de9cab53ff80f48fcb63696e9197dc996

SHA512
eb539170620f09def99904d46fa64b41bdd08207f0dd989316862aad164aa17c94075a57eaea62f76387ba2a3aef4fe4c271e122ad17543da36b7be852c0257e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1

Filesize
264KB

MD5
6ab80d713fbfe8a413fde61958cdb9be

SHA1
6bab10ce66b83450186b59ef9d9c8c714f94aba4

SHA256
1c3299a088f9d48bc1c168fe843767fed19a1f453dac401c6df138dae3284727

SHA512
321f9583755e01df57bf97da40d9fefe5776aae0363c7187f1cd924fccbeeb8d9b8ed735e908117017836e8c456d35a5860d95c28113a231f4c12678024c53c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Variations

Filesize
85B

MD5
bc6142469cd7dadf107be9ad87ea4753

SHA1
72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c

SHA256
b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557

SHA512
47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\extensions_crx_cache\ghbmnnjooekpmoecnnnilnnbdlolhkhi_1.fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

Filesize
152KB

MD5
dd9bf8448d3ddcfd067967f01e8bf6d7

SHA1
d7829475b2bd6a3baa8fabfaf39af57c6439b35e

SHA256
fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

SHA512
65347df34378c2bbb34417e2cccfb3251a0b2412422cc190eed9df525b6e0a9948e0295ea3c33b3ad873ce81e369e89a138ac41d6eb7229546c3269107e661de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

Filesize
2KB

MD5
6cbe655da8123755ea0e3b081c527e99

SHA1
97857de168425f5cc7e3d06f5544363d66ac0ce8

SHA256
855fd8c4ad1a2dd0d0611e9bd36afa9e529a017dcc48d127de5238f918ddffa5

SHA512
1d66f48b62b1ff1fb7b3bb3488dd1deb7ef36f10f648090ef27cd5321afbf59393e0d8788d39e88d71700bc3c0765dc8e59d85bcdf7e3072abf57307fc372208

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir3424_1442290910\CRX_INSTALL\_locales\en\messages.json

Filesize
711B

MD5
558659936250e03cc14b60ebf648aa09

SHA1
32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

SHA256
2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

SHA512
1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir3424_1442290910\CRX_INSTALL\_locales\en_US\messages.json

Filesize
1KB

MD5
64eaeb92cb15bf128429c2354ef22977

SHA1
45ec549acaa1fda7c664d3906835ced6295ee752

SHA256
4f70eca8e28541855a11ec7a4e6b3bc6dd16c672ff9b596ecfb7715bb3b5898c

SHA512
f63ee02159812146eee84c4eb2034edfc2858a287119cc34a8b38c309c1b98953e14ca1ca6304d6b32b715754b15ba1b3aa4b46976631b5944d50581b2f49def

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir3424_1442290910\CRX_INSTALL\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir3424_1442290910\CRX_INSTALL\manifest.json

Filesize
1KB

MD5
2a738ca67be8dd698c70974c9d4bb21b

SHA1
45a4086c876d276954ffce187af2ebe3dc667b5f

SHA256
b08d566a5705247ddc9abf5e970fc93034970b02cf4cb3d5ccc90e1a1f8c816e

SHA512
f72b9190f9f2b1acc52f7fbb920d48797a96e62dfc0659c418edbbc0299dccf1931f6c508b86c940b976016745b9877f88f2ee081d3e3d5dcdcc2cc7e7884492

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit