hxxps://learn[.]microsoft[.]com/en-us/windows/win32/inputdev/virtual-key-codes

max time kernel
145s
max time network
146s
platform
windows11-21h2_x64
resource
win11-20250410-en
resource tags

arch:x64arch:x86image:win11-20250410-enlocale:en-usos:windows11-21h2-x64system
submitted
16/04/2025, 15:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://learn.microsoft.com/en-us/windows/win32/inputdev/virtual-key-codes

Score

8^/10

discovery motw phishing

Malware Config

Signatures

Downloads MZ/PE file 1 IoCs

flow	pid	Process
78	5016	chrome.exe

Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs

phishing motw

flow	ioc	pid	Process
457	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html	5016	chrome.exe

Drops file in Windows directory 3 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	msedge.exe
File opened for modification	C:\Windows\SystemTemp	chrome.exe
File opened for modification	C:\Windows\SystemTemp	msedge.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 9 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133892924780023009"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2211465213-323295031-1970282057-1000_Classes\Local Settings\MuiCache	MiniSearchHost.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2211465213-323295031-1970282057-1000\{FA13CA67-1CBB-472A-9F38-740070A2C7F8}	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
5676	chrome.exe
5676	chrome.exe
2484	msedge.exe
2484	msedge.exe
5676	chrome.exe
5676	chrome.exe
1572	msedge.exe
1572	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
5584	msedge.exe
5584	msedge.exe
5584	msedge.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe
Token: SeShutdownPrivilege	5676	chrome.exe
Token: SeCreatePagefilePrivilege	5676	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
5584	msedge.exe
5584	msedge.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe
5676	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
8040	MiniSearchHost.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5584 wrote to memory of 5960	5584	msedge.exe	79
PID 5584 wrote to memory of 5960	5584	msedge.exe	79
PID 5584 wrote to memory of 2288	5584	msedge.exe	80
PID 5584 wrote to memory of 2288	5584	msedge.exe	80
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1504	5584	msedge.exe	81
PID 5584 wrote to memory of 1396	5584	msedge.exe	82
PID 5584 wrote to memory of 1396	5584	msedge.exe	82
PID 5584 wrote to memory of 1396	5584	msedge.exe	82
PID 5584 wrote to memory of 1396	5584	msedge.exe	82
PID 5584 wrote to memory of 1396	5584	msedge.exe	82
PID 5584 wrote to memory of 1396	5584	msedge.exe	82
PID 5584 wrote to memory of 1396	5584	msedge.exe	82
PID 5584 wrote to memory of 1396	5584	msedge.exe	82
PID 5584 wrote to memory of 1396	5584	msedge.exe	82

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://learn.microsoft.com/en-us/windows/win32/inputdev/virtual-key-codes
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:5584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2e4,0x2e8,0x2ec,0x2e0,0x350,0x7fffceacf208,0x7fffceacf214,0x7fffceacf220
  2⤵
  PID:5960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1764,i,10916098302544386127,3799952201170732073,262144 --variations-seed-version --mojo-platform-channel-handle=2112 /prefetch:11
  2⤵
  PID:2288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2056,i,10916098302544386127,3799952201170732073,262144 --variations-seed-version --mojo-platform-channel-handle=2052 /prefetch:2
  2⤵
  PID:1504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=1924,i,10916098302544386127,3799952201170732073,262144 --variations-seed-version --mojo-platform-channel-handle=2648 /prefetch:13
  2⤵
  PID:1396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3424,i,10916098302544386127,3799952201170732073,262144 --variations-seed-version --mojo-platform-channel-handle=3508 /prefetch:1
  2⤵
  PID:424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3432,i,10916098302544386127,3799952201170732073,262144 --variations-seed-version --mojo-platform-channel-handle=3512 /prefetch:1
  2⤵
  PID:2260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=4816,i,10916098302544386127,3799952201170732073,262144 --variations-seed-version --mojo-platform-channel-handle=4852 /prefetch:1
  2⤵
  PID:4784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
  2⤵
  - Drops file in Windows directory
  - Enumerates system info in registry
  - Modifies data under HKEY_USERS
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:2484
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x240,0x244,0x248,0x23c,0x268,0x7fffceacf208,0x7fffceacf214,0x7fffceacf220
    3⤵
    PID:5648
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1804,i,6201729690235824362,16888850812764644549,262144 --variations-seed-version --mojo-platform-channel-handle=2220 /prefetch:11
    3⤵
    PID:6104
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2192,i,6201729690235824362,16888850812764644549,262144 --variations-seed-version --mojo-platform-channel-handle=2188 /prefetch:2
    3⤵
    PID:3876
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2452,i,6201729690235824362,16888850812764644549,262144 --variations-seed-version --mojo-platform-channel-handle=2360 /prefetch:13
    3⤵
    PID:5268
- - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4324,i,6201729690235824362,16888850812764644549,262144 --variations-seed-version --mojo-platform-channel-handle=4344 /prefetch:14
    3⤵
    PID:5512
- - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4324,i,6201729690235824362,16888850812764644549,262144 --variations-seed-version --mojo-platform-channel-handle=4344 /prefetch:14
    3⤵
    PID:2396
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4616,i,6201729690235824362,16888850812764644549,262144 --variations-seed-version --mojo-platform-channel-handle=4660 /prefetch:14
    3⤵
    PID:276
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4768,i,6201729690235824362,16888850812764644549,262144 --variations-seed-version --mojo-platform-channel-handle=4736 /prefetch:14
    3⤵
    PID:3692
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4756,i,6201729690235824362,16888850812764644549,262144 --variations-seed-version --mojo-platform-channel-handle=4344 /prefetch:14
    3⤵
    PID:1096
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4744,i,6201729690235824362,16888850812764644549,262144 --variations-seed-version --mojo-platform-channel-handle=4808 /prefetch:14
    3⤵
    PID:1952
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=5084,i,6201729690235824362,16888850812764644549,262144 --variations-seed-version --mojo-platform-channel-handle=4796 /prefetch:10
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1572

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:4916

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
1⤵
PID:5284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
  2⤵
  PID:3060

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:3624

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:5676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffaa7ddcf8,0x7fffaa7ddd04,0x7fffaa7ddd10
  2⤵
  PID:5140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1796,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=1696 /prefetch:2
  2⤵
  PID:5700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=1452,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=2244 /prefetch:11
  2⤵
  - Downloads MZ/PE file
  - Mark of the Web detected: This indicates that the page was originally saved or cloned.
  PID:5016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2356,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=2332 /prefetch:13
  2⤵
  PID:2248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3180,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:5160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3236,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4160,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=4176 /prefetch:9
  2⤵
  PID:1960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4688,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=4724 /prefetch:1
  2⤵
  PID:4604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5328,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=5384 /prefetch:14
  2⤵
  PID:3264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5384,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=5412 /prefetch:14
  2⤵
  PID:5276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5464,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=5680 /prefetch:1
  2⤵
  PID:6040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5852,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=5744 /prefetch:1
  2⤵
  PID:3348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=6056,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=5872 /prefetch:1
  2⤵
  PID:736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5388,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=3356 /prefetch:1
  2⤵
  PID:4072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3324,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=3376 /prefetch:1
  2⤵
  PID:3772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4684,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=3464 /prefetch:1
  2⤵
  PID:844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=3536,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=3468 /prefetch:1
  2⤵
  PID:556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=3792,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=1456 /prefetch:1
  2⤵
  PID:3328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=6276,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=6340 /prefetch:1
  2⤵
  PID:5280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=6248,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=6204 /prefetch:1
  2⤵
  PID:3908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=6288,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=6152 /prefetch:1
  2⤵
  PID:124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5960,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=5968 /prefetch:1
  2⤵
  PID:5316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=3364,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=4724 /prefetch:1
  2⤵
  PID:1512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=3772,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=5896 /prefetch:14
  2⤵
  PID:3412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6232,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=6172 /prefetch:14
  2⤵
  PID:3436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6140,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=6164 /prefetch:14
  2⤵
  PID:3448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=4260,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=4132 /prefetch:1
  2⤵
  PID:3728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=3508,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=6096 /prefetch:1
  2⤵
  PID:5216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6544,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=6524 /prefetch:1
  2⤵
  PID:3688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=6728,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=6644 /prefetch:1
  2⤵
  PID:1904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=7108,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=3784 /prefetch:1
  2⤵
  PID:5304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=6368,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=6404 /prefetch:1
  2⤵
  PID:1244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=7172,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=7188 /prefetch:1
  2⤵
  PID:3964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=4824,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=6020 /prefetch:1
  2⤵
  PID:1860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=7336,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=7348 /prefetch:1
  2⤵
  PID:3308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=7496,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=7520 /prefetch:1
  2⤵
  PID:844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=7668,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=7684 /prefetch:1
  2⤵
  PID:2936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=7836,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=7708 /prefetch:1
  2⤵
  PID:4832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=7984,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=7996 /prefetch:1
  2⤵
  PID:3500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=8140,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=8148 /prefetch:1
  2⤵
  PID:4360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=8188,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=8204 /prefetch:1
  2⤵
  PID:5404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=8340,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=8344 /prefetch:1
  2⤵
  PID:3488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=8488,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=8480 /prefetch:1
  2⤵
  PID:4800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=8080,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=8012 /prefetch:1
  2⤵
  PID:4584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=8648,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=8028 /prefetch:1
  2⤵
  PID:4496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=8996,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=8104 /prefetch:1
  2⤵
  PID:1336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=9032,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=9152 /prefetch:1
  2⤵
  PID:2364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=9312,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=9304 /prefetch:1
  2⤵
  PID:4976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=9464,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=9484 /prefetch:1
  2⤵
  PID:3092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=9756,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=9772 /prefetch:1
  2⤵
  PID:3916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=9896,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=9904 /prefetch:1
  2⤵
  PID:4888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=9140,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=10124 /prefetch:1
  2⤵
  PID:6244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=5576,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=3320 /prefetch:1
  2⤵
  PID:6636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=9356,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=9684 /prefetch:1
  2⤵
  PID:6728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=10196,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=9716 /prefetch:1
  2⤵
  PID:6736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=9360,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=7864 /prefetch:1
  2⤵
  PID:6744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=9412,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=6176 /prefetch:1
  2⤵
  PID:6844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=5780,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=6452 /prefetch:1
  2⤵
  PID:6852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=10292,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=10300 /prefetch:1
  2⤵
  PID:6960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=10444,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=10456 /prefetch:1
  2⤵
  PID:6968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=10584,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=10644 /prefetch:1
  2⤵
  PID:7072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=10792,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=10064 /prefetch:1
  2⤵
  PID:7124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=10900,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=10896 /prefetch:1
  2⤵
  PID:7132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=10940,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=11100 /prefetch:1
  2⤵
  PID:6404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=11228,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=10920 /prefetch:1
  2⤵
  PID:6432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --field-trial-handle=11356,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=11368 /prefetch:1
  2⤵
  PID:6444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=11524,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=11552 /prefetch:1
  2⤵
  PID:6548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=11536,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=11704 /prefetch:1
  2⤵
  PID:6552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=11852,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=11408 /prefetch:1
  2⤵
  PID:3596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --field-trial-handle=12008,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=12024 /prefetch:1
  2⤵
  PID:6096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=11860,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=12156 /prefetch:1
  2⤵
  PID:6628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=12224,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=12328 /prefetch:1
  2⤵
  PID:6332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=11520,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=10768 /prefetch:1
  2⤵
  PID:7428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=10540,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=10984 /prefetch:1
  2⤵
  PID:7436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=10312,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=11340 /prefetch:1
  2⤵
  PID:7448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --field-trial-handle=11308,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=11284 /prefetch:1
  2⤵
  PID:7500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --field-trial-handle=7016,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=12352 /prefetch:1
  2⤵
  PID:7632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --field-trial-handle=11744,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=12164 /prefetch:1
  2⤵
  PID:7640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --field-trial-handle=12516,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=12460 /prefetch:1
  2⤵
  PID:7648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --field-trial-handle=11384,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=11488 /prefetch:1
  2⤵
  PID:7656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --field-trial-handle=10956,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=10352 /prefetch:1
  2⤵
  PID:7664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --field-trial-handle=12216,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=12432 /prefetch:1
  2⤵
  PID:7736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=11424,i,3485999672653960284,3983254354510486191,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=12456 /prefetch:10
  2⤵
  PID:4364

C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
1⤵
PID:1384

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3268

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:8040

Network

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\582fc3df-155f-49c2-9c3e-09619bb1cccf.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
414B

MD5
c2b5b3a62efbc4232d2a69fecd1e1647

SHA1
cdb61f0027c681b0cdcddf03c635dd8440d609af

SHA256
b1c782f0a0cdb4a8ac3b6331c0a9d06bc0da440137b4a84de371c33183960fed

SHA512
324f373bcf1b27b1dafdac404845524ebd6e8f7ab739281b04e8338ca271a554ac152ac376af520bdd5f2f26fc86376eb065adc55536197219bb75ee172b0e70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
32KB

MD5
b582b2eca79a750948dbb3777aeaaadb

SHA1
bf0ea1c8a7b4a55779cbb3df1f1d75cc19910e9f

SHA256
04c7f19e1ae294cc641f6c497653b5c13c41b258559f5f05b790032ccca16c82

SHA512
35cfd88afe4e4e8091d3a5c53f0f3e2dcd92aa58b7544b94d4d9d7cdf508d429c5292aa97b813c9c8ad18e4d121d4e6595c49f5ddafbeab7b39f3a7c9d0b58dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
66KB

MD5
33411bb179575dfc40cc62c61899664f

SHA1
d03c06d5893d632e1a7f826a6ffd9768ba885e11

SHA256
274befc7b39609fed270e69335bc92b3d8251545594636eb408d5d93e0ae1a4f

SHA512
dc830766c928ac84df16d094fc92586b9c2c25f819123dc9b5ec259220b4b1c45e2af28c89a710f047c00c9dcf7df8dd859a9a7a2d2228703f616df13caef2c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000044

Filesize
216KB

MD5
50a7159ff34dea151d624f07e6cb1664

SHA1
e13fe30db96dcee328efda5cc78757b6e5b9339c

SHA256
e990d9d31c4c7d57dd4795e43baea05501fb6ea8b7760f89001be660425dd01b

SHA512
a7768dd7e315b07754a305080e0fc023765e5a224b2c3824e8e10f29286df63bbdefef379e069941fd8cd9c7c3befce976779ae2efdfb6e7da697b09d7f07250

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000063

Filesize
67KB

MD5
94a1f80f3781cd036d7962848b38584c

SHA1
79f7943854bba5c954830622298cd41b15896911

SHA256
d7a435160d8ee837ec4cbd8cf6268526b7fc8ca64ea90d528e0c4e6d31fb1030

SHA512
3d27c4830d35b759f68295a00858d8f09bf3f2f47cb9816b7cda9387713d5cdd7ea52dfa8ad7b18388f0098a81985b71abf6387318112efa98824110b720d760

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000064

Filesize
143KB

MD5
ffd664989c5796c4cea84b06fb156175

SHA1
566244b7d4cbabf358006f9f02139d9b99365fab

SHA256
63cd5f13e10022e9bc2878a4f5ba8ea2fdf38c391bcea0140e5c9160a1779ed6

SHA512
b840c79037a8c8da9196590f2809991941b66ed9b56b87cac9bb2d15c679487957218fd9ed25eff1eb1cf68f746825214cfd0b38327a61e90be942768acdfe98

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
56ad782fa7882bfbd767e8f686bc4c99

SHA1
67138afaded90ace85a9dd765853fc488484396d

SHA256
dd02f353d16e56d406f584c227bbada7ba6868a365af1efbe10e06255647406d

SHA512
d5f12703e725cd0d8689fdc8da9c07c9481aedf0282bc7eabbd60642e7d1f073ce9007ad2141ae36a6dcd936519520dd364e53820894e4463692d1a7c7b3747f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_replit.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
11KB

MD5
de059bf980d6d9bbc040d1eb80d07e1f

SHA1
fb7a3c566298315979cd29382b198822637b737c

SHA256
0301a57846791f0e4e4c59ad55bc5b5421be162ee3a914ce21b39236de86c73c

SHA512
056b24c1ea413b4847d3764a67924201076979692eb4ee628d8b880d54025651ba84f61c08e825c0a71ef2672dcbf67bda0b5c61e1fb157b7f6d44d15a2afbc2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
33KB

MD5
9482380f13477c712302cac9b29fd9db

SHA1
41b3d9b20d4cfb12b50197e8f6ebdffd13436653

SHA256
36a2553eade6ab04718db8aabb2ea77836d0ec4c85ed057c42d0636dbef52baf

SHA512
c0e94468a8e0ebd18a89755fe0c6d71c8f51c8001b9ba02e444816772225d3948e60be640180c70659f7a879c6aa1d972f6280863f4d45012d29976b0d47826e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
cf9b89dc1898f6b3e76af1dd55f03887

SHA1
014f9984e901c5371895bc49c45586e5dcf2bee6

SHA256
33d9ca61b0a45ef9cfec4ac3799fce4cd6f6ac70707b8c755b67ab150f02576d

SHA512
90e2bd15b1ec1beba02142e48812581a5554f80c2b6774c56f4e98c735a5f60c50365e34ee041cca3d042e13e065307b95b68ca160c28e1fb7c35365c753e766

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
94cdb384f88ef865f184ffe537710a8d

SHA1
8364a867cb9a217582f0e60e2fedba6c722976f1

SHA256
c7d821458724e75e41b571e80ad014de1da7ece7b5b47f9a575d73e94860ef2c

SHA512
57c9a0e29d334620ae3863b325dbd83dbd4ab30f7c3d592c389bc4eaf92147eace1d5a5f7d27a0365d65b8b0d3769277b4ef668915c63094bf5d707524a5d182

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
aa9868f028aecdf432d20d602cbf8eeb

SHA1
3e47d2b39b7fbf679f4d9963f7aaf89a05b0cfcb

SHA256
43b3c60eb24a79844e672da8908d90c46ee49f1fa059398629932b6759507000

SHA512
f3983375822be5046d890c62b510e4062bd51e0a194c4a9f2b32c7a4ee08941db196402b223be3d4c283dc89549c472cbe3a81275c539ca1710661429e9b5e95

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
b85a2374d15b43dbd35c48d9614f14de

SHA1
f1dbe126377e166d6b1aa395236beeefbf8b4a33

SHA256
7f3c0ddc31b4c562ffed4917f1441665d1701eaf1504cb5b48f9aa448a95f925

SHA512
8a4cf3fb8cc44caf3d81d60d9897efe6682b182804bfa08e5659155e1e70a1581ae4f1b5cdd3e8122afece381bf59e97c417f3317aff286274fc30c0495ec268

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
b6e60339777a00c0b3f09079139494bb

SHA1
b6cd87efd39de8ef838f8e203515fb8f77465d7b

SHA256
96a6af827f6d06686d720cb7c067db47d5ba88ef2f0306b6ab13b07b2602aecd

SHA512
95fca7b54cca7efbc65f7c670dd18e884260e09a6bdab873fba76f398c056010b2933d122f86e3c9e5b1aea8941a97ac80f2e4039021599df493b49cc8b91f77

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
cf4793c1add04f462fb7fe2ceb96a28a

SHA1
24a68322271529bb0546cf7f80ee44a56c16ddb3

SHA256
ac30b000182a0f369b71ed8337a7641a3d5107ccb92083de5aa4677682ddb01e

SHA512
200b4c50c35eb0725502b5a25efd334837c3bd6589139a5577c383cafbbfbc881c7a222c717eca70e5a0502bee75798ca851881f6c67fcf550b00e6d67388a6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
214565c981143cb9f97d4088bcee3f72

SHA1
3a98b5f205d4d446ea990ab72fa9f6af3e36fd69

SHA256
df5afbcf9192845c129c045c31986e4b23e96158669a10351ce472b6beddb101

SHA512
36f5e894fa70879eb74bf89982867c4ef5475350eaf2237c04e52fb38b296d70bf65bf2a8688857aa2c75b5b537ff4a0b13f6c94791e42b4226dd07503ba9f0e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
08bf5485ea68172580311a2e5fb9dd6d

SHA1
30f586842c66ab8f6cc8997c2db1d64d108e80fa

SHA256
19484d49d2c0585d5b47d31fd2a8ca3b87a85ca9bc51664151038308937fe530

SHA512
fbd6fa84141187e47aa0c6a48123dd464e5852efb1b8b5b12ce6e8f6aa6406ff56edd6ac0cc19b08eb58d4a3f7229e76f6a10431343470c3db4ecbc8d0298c1c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5840ec.TMP

Filesize
48B

MD5
7b02b8a63b2c5d41ec8b536f297f5d21

SHA1
fdc738a923a6c33c144a45280e3c17ff8b4d6fcb

SHA256
b0718be8ff13accd67332cee2de91ffe0181f29e7b1b932f8a9f01294f4a1157

SHA512
b63cd4b4f38abf61aa16682d9c3950f8e48f0e137161d0c29ff37fad10cec05205aac9108a786afdbf0a61b8db191bdb4ca22b9d3018b9f5c235091beb2c487b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\index-dir\the-real-index

Filesize
72B

MD5
17a1d70550fe0678996c3fd796b11a68

SHA1
a21432e40b1db390e3694e35d662d840f4ce207e

SHA256
64d5f9ee42449f20129b52c81e990d05070467f280596cc71804bcac04fb8a52

SHA512
c132f1693bda26c6ae6d2332b928da13038f2a9c6ea9fcf76852b721024041c03a1b249aae0f1555435f896d76c0648c71cba7a9fab66595e649c91c2626f5d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\cde35712-db31-4d28-9154-5808d893a4f4.tmp

Filesize
11KB

MD5
2bcb641f889eb7aa91eed3e5378c89b4

SHA1
86fb2d139606a882043ebec0b86d6cdbd07c0bc1

SHA256
7a47cbe955bb30229e3dc89b2033e5ed2ee9746dc99a4d674b1bb35fd6f81a53

SHA512
6c118685d4630629979338ce5598b9cb8d6b522dde3d8c1a0b1082910f5a0bc394c79585fa4233943c899863a5786a058daf78be4ff0a1242e3e88f8066bbc6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
152KB

MD5
c849e1e2fbdc221f2d5e392732c18e17

SHA1
7c2196dc2238325b1f76a479272559d4739db3fe

SHA256
78f83cf5622256e8fa20dba27d7694b7e5718fd318b7fcc4ab242a750833d8ed

SHA512
fcfbcd8b04d24c57b5a8514aebcec557240caed99ad6f12e6f2db62c907d64e076053c1e4ebe7e9ab0d2eda736900b383a930ec7c6de6d4ceb901ae2b3699714

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
152KB

MD5
16dbecab9de1ba257077d37b6ce8ecdb

SHA1
a9186997cb3d8371fe326f9413bc2a0a737a28fb

SHA256
83e8d5de1f5745ac59aee099a5e18fabdd0b3e405d6b7241c7cb92b704fe76fa

SHA512
1b0149966936770a05e640ab4f9057b825a3cea27710b7d1463343d760c4d24c473bf12002c8aea1880b836028d8374b6540b66562c5e2f22b4319158cbc4965

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
78KB

MD5
d4644ade7432f44a59ca11ef8bf757e6

SHA1
b6f23261f37d333f0751443a17e75c644fdd9ca6

SHA256
8b9a92445181e2b38dc95b3a330b3e6a8f0ef2c46eb6da69a84d978726167a11

SHA512
0605eea943b3615fd8e9a42953351504d399591ddee36f6d9567ea401efa037a8dfa619d4e1ed39ff85c61afadee067ac6b44537218a0ed02d69c5ba95e613de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
fa5bc1297e8d76bd37a0a63bbbd70ed2

SHA1
5a2fe5a9d826e1b3d308e82101ddfb5e5d719abf

SHA256
fd6457360464b8c99b4cde26e09a25b1c27adc9b87063734da4206dad7007d22

SHA512
847db0ccfee4266a84e9ea35294350465f04768a81bf2ca9fd641291440d2d7c6e5e0daba9a36988aee0d5b5c931f789899be52b8fb6aa85f07418797859d3f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
d4ceea3986378bcdbea7e13f6d96a053

SHA1
fef08b3d2b5b4e6a5572f94df1c75267e38ede64

SHA256
3cb0075fa4844326338965d1d660037b2ecfc5d2db4fb02ce4bc5680792cade7

SHA512
f9ad7df91d36341e6e62a2869265c7324061cdc107b62dfaf58db80f0347974481da9d153f53a3d4071cbe9beebbe671354fcc0753ccbc6547b21f88b68dd855

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
9a0a07ff51f6800caf30fa4a8e67d922

SHA1
71c8d2142260d58b52837465e521b0b3be4f5643

SHA256
ba79eae0fdf1e345f64260fce72f5078632dc4eb29a9852351b98d76fd0be6d8

SHA512
c8dc82c383d9eecd23a2d16986e37d683865fb0f393dd6d83c841e291d63f4fd5d414183467fca2f9d8b8d2fd1c6c16e8ea6da05544eba61239a69e79a349176

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
e4c6f728dea6f037f014b007cadec5a2

SHA1
d5b1dca58bd3dd7b5aec4d0d8616a18dac1a17c8

SHA256
422fffc5141694df2723735ccb5d93a8e8976c8f25592285acb3a26affee6f98

SHA512
0ad7e78113ca797567afdf4843966d413c7a5a60d46e0ad719e77b4c088216d2b51f9924b54fd86b3ebe3829f1216e2d3c295a37b50e8e9809a7c7f71ca4cb16

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_3

Filesize
8.0MB

MD5
1feb0251610bfcf88284fd4da598e2db

SHA1
9a911c410b3e110fcd63271109308064553578ee

SHA256
196dfbd4907dcff25e69c04639960847df0de85ebb6d405a23ec43d4d9921737

SHA512
2d5c092a1a51dd91a332979a2326407c19b44e1f665e84b754020dfec6f67220a8aaa3a060aa9f3b4bc5a039ea1765f1f14a61e22012e757bf32ea612ba94af1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008a

Filesize
59KB

MD5
7d4a9f2a4cd7c60873b975ed5a0a0b0f

SHA1
366365e95c040bab714e6f6660cd46c33421f88a

SHA256
04edb0d47ddf3ca59b83e00e3f6617013bf4de7122f13e124b54b76574fc48f6

SHA512
90ef67064453172f2a11da49281c44094b1848febfcc4262802ac6b0b833ad28a79831ec0a65666b938764c339f3db0473d905046a93c59a5fc51a5d1b5d7226

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008b

Filesize
33KB

MD5
1478de9c94a368d7ed03d50bb6005cdf

SHA1
afdcefbe26aa59c0e4ae668cf422adcf589461a8

SHA256
81cf44a40792ce2cc46ea896bbf06a91687ca4c25faee4e67e470a7d61a77914

SHA512
dc980bc3355ddd8096f8751c9bb51f1e296322eaa5d4a9f20588690c3e799eb9aaec823fdccb098c53f4be978614e7980c419bb9ce7cf6b66c3db9515d9bf80c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008c

Filesize
69KB

MD5
938aba7aabbec04a0180a78f3213cf7f

SHA1
32af549e781ce0183da02afb98e27e476e129b96

SHA256
f998860d950a9aa57a97f1d57378194153712be01683ff502c44b9f516ac36bc

SHA512
2d8c2ffddb0bea4396817545f08184111ce614b897e3dc18b2f0639e9a8113a5450d396213bdf70c830b7b8217af7c4c7b8143d2e4a88964533216b9eae08ced

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008d

Filesize
506KB

MD5
28ddff24e4ed12d19034048dd693e051

SHA1
f53dd3dbdd4643273399051b9dd0f187992e606d

SHA256
904402faa420609a73320f5b75f8f81826159f9bc20d67d56d5fad963091dd0c

SHA512
78f5ce9a540e514a0618799f221de79e32aa903086f99a56e504b0a9f270e430f7a3963173181007fac718a601c6b10a70c6324132ce2b0f5552a52437ff91af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
8d00473b5ce2a532ec3b56496b291515

SHA1
b01c7ce7f92ccd3ec157176adaefe1b02505898e

SHA256
bc252c8a30d94a6b3eb309f88cf1159a0926a68223c1023bd4fa1fa306b4eb20

SHA512
1b21ed705a60b08655386ae382afa6aac5e2e1d7f68598d14bf3d8f0d52644b490429faef49d22efafc2a31820538c744a2e9e1189b100ad2169e768c282806f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DawnGraphiteCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG

Filesize
346B

MD5
f11b1eb65b494a610e57da1dac6356b8

SHA1
d697ee656853b338cda3906b83bf030193aa4400

SHA256
2c709e85f10e8ef24515d5d09de6b8e9d7dc22ab42e8d8a425a1c3747bbf95ef

SHA512
df4d0f0bfb1d8c5595c18a973566718a8f608575da0b415ae443587a6a39ab432a218f71b94a9542807fe0a4718043241bc462145a8f72b782308e87742c875e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

Filesize
319B

MD5
e7fab3b10bfc71346899978552f4f01a

SHA1
8046433d7bd0cd4f78190cd92df8dd7f746282a4

SHA256
e28d1f33e9486b08621a0c6f17b79d7b3972816f116a94ce37115bea92901e6d

SHA512
db6f96531b923fdbb9419dbf2648fdb73a21f2e4583f5b656c793540b3214af98f3b9ccf44062f71be4a0704ada83fb11c924c7a4d7e165da103654dc202ac0c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

Filesize
192KB

MD5
e16ad62c909a2edf4d89d1a266c4faa7

SHA1
271b352c3cd1a6afbbe6fcd79ae0fc119796cdc9

SHA256
d81e35545695f9f285e8b953be92dda8d267b95b4f257665c14d94e1b186c5f3

SHA512
bf2055061fa53ec52c839a9a68d8dd0d8ce162e4ecd60a2ad5c3b2b3467f020d9f0609cc336879139401023f58ebfc10e06985bee8b25983e4dd753a8b15199e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

Filesize
334B

MD5
38d5e767377b1cf7afa5e16f91a95817

SHA1
85808f41fdd6bfac1c48f4760fc31384160b2dea

SHA256
681aa1734f3084c4b9eefc8e16244886fc62f2d3be25a52b587a4777f6913af4

SHA512
dab2034d9691da3ffaf9b57605a855d4ffe0e90664ac0b7932218a9fa04d7ef2fb228d26362088c795d4f1e5a5551e9368973be3fba55ed3fdfa9c92343a01f9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\68fff11c-16e6-4b00-bbb1-784db82ff5f1.tmp

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies

Filesize
20KB

MD5
3fca82d30a2268e46673f8aed6a0818f

SHA1
9b43c2ede5dd3e1f32f45b4201ce263afa79785a

SHA256
02aba40925634d2fbe264a9259c6ec9f780b37322d16c5da0882ad93b158cfad

SHA512
1d6793e2fe4c61cc6eef754f1fe9825cb281193189a5111d95bca6b23b5d24c047f5af1d736bbe7e67bd83d9157b573768c052925d963e489f7c5263538e1b30

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
9e681113fc0be083eb905b3653b0525a

SHA1
84c29ffbcad67d6e82a62b2d1310d93b463fb5b3

SHA256
78ec2baee364777d88151534c4312280468394cfc785a292a0ad6c6d3ac0f9de

SHA512
2bbe9df45951416209112cde5b1f5e9142635e8c231dde0b18d6f8fb985133fcea470bb5fbc81fc02cf191fd8feb72ef43377707b8cf85e3e5fc73d0399680b3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
cb4348073215e25e246db5f89fdaad6f

SHA1
431f6277a07a7186b4c9d81b7c0508ea8a3e425f

SHA256
b51ff485754e889e36a115c9847f196a4c227c56c0f761ed72e54b2730adbdc7

SHA512
da56d81420350891c2c1bfe4a56c768966edf169ccd54b1201ca4db65e7c16a9a74d63cd9e7d75381925b333a8a8bad705a28712e2e71510ee77fa15b0f8050b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL

Filesize
36KB

MD5
12916ffa797c7f64c60c0bc920783fd7

SHA1
5d22f67f493cdc1b68ef12f29f2a621b1b18331d

SHA256
176550a735a7bfcf7c98949a32bd3bb9c409895e55f1de34de127694a11273c3

SHA512
097d28bd516844bed9b68febe6c0fdbab69f8794b64147b1883058cd28eba6c09be3cc942171af24b683c06c42dd30846561d4b9ba500d76d0dca871f159dd92

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

Filesize
40B

MD5
20d4b8fa017a12a108c87f540836e250

SHA1
1ac617fac131262b6d3ce1f52f5907e31d5f6f00

SHA256
6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

SHA512
507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
188B

MD5
c331bc5c91c4997407352155f6be8dc8

SHA1
b86ed5032ee8ca824c7cab1c896be14bd48d77a6

SHA256
594d41be98b20c6aadc027bbaef9b9769ffdbdc0eba9d6f8a41755ef30af75aa

SHA512
584ad5243e393cac9c1087d82c081a5d4f3e7bebf5860995d9f5768cd39f9202c1b4ae617a4ca75da8269e40191a0f3b0798dc1484c1445d405a9c822305826a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
7fb3aecf0d26288d96ee9e9e26a93e06

SHA1
cff2b069206b4febf9a8cb451ff43b90107c4004

SHA256
242713f9728a79fcc2ca1f555dc2c50a9036c0c66ebb6138a87bd3f7b8130f03

SHA512
d02e897210752b77deeb9b65aacbca2e14f930ead9f93a08c06468a0d7f9d50de69060705a824a6cb73335c8d8f3dcab29c384451328061b1bfee0e6f56c1d34

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
37KB

MD5
baa56f7c9d68c14d1729bde044fc9eb0

SHA1
2b380cb7534e0b9dc4d31684b2847ec211d6ab87

SHA256
95a6c8ba8524cb89733276044fc4bd79d8592a10a8e4fbabb9792bf5becdc8eb

SHA512
e0407bc99c9344bcd245ad2e0e025cf9e787f25ceb387b6ed539d3a551f2317193b4d8c0f4c6ed7c0f8c983152c7e67c41deda00392fbb1618049d69df2ca8e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG

Filesize
335B

MD5
08c4cb3791fc15215ba23396ebc694a1

SHA1
d92a4a4966aa601a7ec2d7dbc6bfbb0c15f59201

SHA256
cc59df3236b6ae87bc01f2e9dcf926270452d9e71a1096e6ec8513a9dc3553ac

SHA512
c8bbd82ea8eb0c305e52dc8cd3283962152fe6229b1d5457a8cc2236173775b70ca66ccadadf51c52b7f3bc226a018b9fe38788039daee8e26403ec487adb221

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

Filesize
347B

MD5
0dbe61dd6760d15c9e4c2b1ca5ea6bb6

SHA1
9b0228bbf43f02bf8e09acda3fb19f3938ce9df0

SHA256
026f2d700980837036a8799677417414c54b3bc66947828c5cd2ba746d88e294

SHA512
b3dc48d65987826752ffc2f9b569df564615644d65c12110541e1c04e6269c94a840dbf5cac994c63c27135671fa73f4bbe8a553e4c5dbc2b7a9362579daab08

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

Filesize
323B

MD5
7f82c0bd7dd5254413e280479bb2cc18

SHA1
e88d1a3debd2937c734578ce6315fd9b46596036

SHA256
983159ca04c60db3fe8db4feb978844553acddf6962059a194707c0cfd9a92c4

SHA512
6a70162d943b01f96141908f12c073f093f496e23f86b178a3d959311e128eb51022efa41f6fbee4208b3b718a5972f8e0aaa6a98e51d853fa88ff56b14a9dbf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

Filesize
22KB

MD5
62c58f8563847e12ceca246438f2b061

SHA1
d717ec408222abcd0dd8feffdfdf10795951827e

SHA256
64f98a24da28429cc2b69670eaeaf403c7add67ad6b4b15d2fa70d79398a6acc

SHA512
006b3c807c3634f1400032e6c94165996305fdd7c0e4aca42a9e0ad40ef2a93e2a9b4196055d3b2598b2622a10eb51aed9c2617cdfa58d508d0ef400297a0458

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

Filesize
128KB

MD5
199a765299aad5f320d78d7e3e8d5f61

SHA1
095b44d75cd2843207b34cbee605e0ec796b7cb0

SHA256
86dcc481102aa0d8d9f318a5c031bdac9ce5f98ecd106da31e986b740c267f3d

SHA512
9c3d08a0fce801886758948efa4b751a5160a52ed1183adefe7e700a6e860d57dd34605ed4622a1133b01c72caaf00b41799c86ba58e0d4002f9e1ef2e5e8fb1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

Filesize
228KB

MD5
ab9393fc1d3d87c985054e31ddab86d3

SHA1
26978add08443dba0d501ebfe8f63dd2ec7cb5f4

SHA256
4c78b54b8f3e80f8356ccdb9b217526d7d048e34eaf2ad2136c5b766b07c7acf

SHA512
0cc7c958030d18fa461acfdbb2dd68c253b3b76f812dd76b3114a95503af50a2a2a8f7063e7d3eb1c8067d64e36d094398bf499d3c77b908c4a87c3cf9e0ed16

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\default_cloud_config.json

Filesize
13KB

MD5
cf9a0cd1d5f9c8cdeb87ef3f7d30d15c

SHA1
c543e62aab24c205db6014414161c13375e9a71c

SHA256
b24f36278e4c85a8fcd66021d48c69d6b07be605673e02f0fe185bf3319f47f4

SHA512
39ad5c5753e5398906b94ab039d2eae7fe420fe35a53f190bda84d4f9262f3b14841cdf4ec76cdbff6a4578a26ab1e6c4b11ba326ec8cc38a2e2904a6f2c0d8e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

Filesize
319B

MD5
0faaedfd5f3964d5dff6b88105dde967

SHA1
1f516f8feb346874d0c182fdb8bf4963a927b023

SHA256
0f013f95bd754415217fb7f3894d5101f9f840890e68da308a5a534441576bb3

SHA512
08a2784b92034cf41f08ee9e512ec6bf057348fc62a72e12a05c54456fff28a97d13a794297705aae49e8833f72af1fa26e01dfc24261d94a88132331144bd36

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
1KB

MD5
5a6c80bf22daa7fed77fd4ec846ab574

SHA1
02eb672b5e8e4a3627633f7b8ecef1e99c63ef49

SHA256
3fbafd3fe45546eda2f981e62665784d4cc010a0d0e5607e403dc38db89502f9

SHA512
6997535b3e2798f1989576d4058ffd423e0fb6217dde55a7b7cc724db5b4e9cfe2ff6e29464b79fbd43aba626c15031634af43155a66d1c2f867b617478d6341

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

Filesize
337B

MD5
94bd12dcf5316b970ef41a1ea89886f4

SHA1
490cad280f40d625c3f59f856f28c182c23a317a

SHA256
3de1db02f38878a7252a9624a457144ec6960c1a6df0699ff92073d7832a7ca1

SHA512
5a069d608fdeb87cc8eeada342c77e6d1dbc915e73723963a7f3e5482edfdebb25673fce129c306f70f3bae310b5883e0ca946af00ade26fb6e8a25ccc8fed9c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
467B

MD5
2e5572ff545b3cd74a2be69908d21bd5

SHA1
4d32dbececf59c18ad48257fdf9e79c2aff6dc89

SHA256
4fb6cbf444d7fbcc49a7fb4c99879541e75767201e3e6ad385f7dda5df9093d4

SHA512
8c736f0701ab4b1d27a675e43e3686d193030a8a216284a38359f4194573cf287ed458ff4b50a11445a34cb5573df934bf553bd1c645767e926a06bac2d1da0c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
20KB

MD5
247a3a48e8fa0915f569c8e9d86c0701

SHA1
5198600409f024382a32a5d128c24a60505ab52a

SHA256
6c87fcee1077057dfb7562fb514a8cbf829cb658d60b596ed71a7c09cdf30130

SHA512
6b3522ab73bafd6488210a43b7e374777f8c211b765603c086fa03e0d1b354c74eb81f2ed6c73ad8c3c0a82097e8c6935d4ba8269969b93a6bbfb8ec2f276b7c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
902B

MD5
fab176fd3e08f4c6c78f3c74c81ee964

SHA1
e1a612ae54ff66bea70e4670d4891357879b1c44

SHA256
f651494d362c505104a932528ee040f5228781276e246cc468524b09706a7058

SHA512
ee7c7b58994034f82b6574bca39b4710acf09facf5b3797a62f09c2dda7da9ff49c11ab16163e1a8ade322707f42e393cb8981c6c007e33991ebf501dfbe87f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig

Filesize
22KB

MD5
3f8927c365639daa9b2c270898e3cf9d

SHA1
c8da31c97c56671c910d28010f754319f1d90fa6

SHA256
fc80d48a732def35ab6168d8fd957a6f13f3c912d7f9baf960c17249e4a9a1f2

SHA512
d75b93f30989428883cb5e76f6125b09f565414cf45d59053527db48c6cf2ac7f54ed9e8f6a713c855cd5d89531145592ef27048cf1c0f63d7434cfb669dbd72

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_0

Filesize
44KB

MD5
4355526dea1955b65538871dcaebf03c

SHA1
400a1fd68aee9d3859a21dfb0d401ee54a9e08a7

SHA256
4804a499d491802ededbe98b54967880bff85cec65d8ef1c5add68c11a628f6b

SHA512
a3d5bd9fb6d4f6a0677dcc23684d1fe00321fe48ce4c7a67dc348af304acc1230752046d1b89dce85632bd443aedc71293009fd62a04b4cabe5e22c586521784

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_1

Filesize
264KB

MD5
8bbf28ee4410e0e1a840362982a3e586

SHA1
c14ad397f36533608c2a4d83fe887c28552ca55f

SHA256
9f1ad155a8dc21314a60a87b140bf2484a53af373ac7457e64e3398692fe42c2

SHA512
301a75f021f9944eb3084af94b82b18a9ab2080004d1341095e82bf8daca0ccda74fc7cb36ff7f3a50c85196efffdbc62b80822c03334205da733f1b4149798c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_3

Filesize
4.0MB

MD5
9bb15a4bd887da29c3cac64db53508d9

SHA1
ae624d38786f52fe0f85a5ae3b99f97637492979

SHA256
f8e8dea4dcc8de5d345bc6bff13dd4716f31e725f6fdef3519d37b4d7c3da76f

SHA512
4374f994afb7fe64f50e0db9a3fc82913fa7df235e4752ffc670fd32fe143ce40742ca0b989ffabe7f7e0d1e6a48e9f835ed4a13b5554fa3703f61d7fb1dfbcd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_1

Filesize
264KB

MD5
0b393ac8788effc53edfba3ba5589276

SHA1
ef02fcc666493c0188b3a3285d7117ebc1efc9be

SHA256
f2555ec9778ebaa9b16fd1c9cc7d2c3505b22f49d9e30999258effa149edef9c

SHA512
e84f5d41b57dc07f3c65b0cd1b2dbc16c8199060255ba922ce41dd44fcc72fe44d92d34b63ae1c0a09c6b71faae5da50d939776650eb682698ebaeab60b7ff37

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

Filesize
13B

MD5
3e45022839c8def44fd96e24f29a9f4b

SHA1
c798352b5a0860f8edfd5c1589cf6e5842c5c226

SHA256
01a3e5d854762d8fdd01b235ce536fde31bf9a6be0596c295e3cea9aaf40f3dd

SHA512
2888982860091421f89f3d7444cacccb1938ef70fc084d3028d8a29021e6e1d83eaef62108eace2f0d590ed41ece0e443d8b564e9c9a860fc48d766edb1dc3d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
46KB

MD5
fe786f95394a4fa71b8ead9076588fef

SHA1
f4f01cfdc978b805a05b2886542baae774e86069

SHA256
7e6badd7a4dfc8c6ad06401436241a473bb3a4b2b46b37b50a6812a03a19aa34

SHA512
2939aedd379e2ec3ecedefd0d3e066764f1a1f9974adcc214c533f32250a110b0402513a77bdabce08cbb023b27109aad44928cf01fb4b3f0cb5eef6b8180695

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
49KB

MD5
819951e4f35a2933a0aeb711ffeea08a

SHA1
46e05447a88a2774dcf9b4e181366c4c67735c1b

SHA256
d73105448b6028ba48ef3b5e72a4d5a4d1cb38c72cc30a22fc05c1ee3b5c02cd

SHA512
65e684abb107306ed2812b4112ff4a4e80c06f3413e0645409e89d52a186f2c73c9f01ecedb2c0cf13cc2de130855fce9f88086ee0b5f3c25d9af9529e7fac79

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
54KB

MD5
a35c26eba769b096101f221b8db8385c

SHA1
baf630a7b2b0c57d955b114790b570f7a7f1fa8d

SHA256
bb237a2763611a58eb304e96442579218f28c98f5f41c26ef23703539448d318

SHA512
baee4769a5ee8b963d3adc2bd61662e0e9c51f2bfe90a812f79553f4d83fdd33651051be9639b781c89f0ff9ed08fc5c256dce1afc84c3194cb2eadefd70a841

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
41KB

MD5
202bd13080ee042e96615e9baded43f9

SHA1
a6fc333cffe65b15f1ac2400193ac37b5711a234

SHA256
6029b7a48b8963c21dd2fa25105dadcf885dcf8df9db97cefd276f89604f483a

SHA512
dfb730d2425b92f452aa7b927d9375eab8651c9430aaeed6a0e739b7a6578a486045f62c5911d46202fe87a9f3133490e17fd130438aadf4e161bf74761101c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
46KB

MD5
7ea2de497b793286b93bd99ed9647d04

SHA1
67c2ba4acb89639ce92b27cd276cc7d05c9b1577

SHA256
32af67448a4cf814b97c8583504281f81ec3f96226b9cb3f128aef8e39963fd0

SHA512
72e2fa34ac7f0a02382dd3019c470a04b05d7f35639023535d6a1ab09cb2ce64e62aed6344b2bb332701c72fca3bf39bac852c6dd33ee60ed089a0158ddfea33

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1

Filesize
264KB

MD5
66f78940e033509fc71b084c146e06b1

SHA1
f5e3ed34861cd391b1c44beee364aad299769e14

SHA256
3db6022b79b57b515579db1ae3af5cab46b1c8d0dbe2ecc9589fbc2b7c9b7ae3

SHA512
88a5e49ce2589644778da6c7abb1280bf9e5017d6e8314efc7ca7deba502f4f67d44e85016af9c69d604f347ba496c633c52880ff1eef817951b87b540804896

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Variations

Filesize
86B

MD5
f732dbed9289177d15e236d0f8f2ddd3

SHA1
53f822af51b014bc3d4b575865d9c3ef0e4debde

SHA256
2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93

SHA512
b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

Filesize
24KB

MD5
0fd161061cb17a4a240b44f5b063b395

SHA1
27c584308ea89d8fef02788cae6f72547844c6e8

SHA256
ec98e74b7193faf532a533cdc939c70aa5b550d3755e424374fa1050179bb27c

SHA512
f8f20ca2c4c6dbcc54c1ad91fdf1b181fea8252aabaaf2a8ee6ade4a64c112fefc6163459bb6a945eb23b4ee6811dd77fdac039ea438d45d9a11e7a0a47701b7

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

Filesize
23KB

MD5
453e3ea7521ead89d70c3404c7cb8fbc

SHA1
7110e8073b8567cda2867e9a23bd43e462f67259

SHA256
b3ee1510dcde79224b640d8ce25120f22369dd46a7841c05442caf229ea64dba

SHA512
913c74280497fc09cc9e18ba1d81f53a389e758758cf4941e33dfec7b7a552a15e541c01b874201dd5c7ca08a31d5563261ceca9de90c4bb9b6f02883fc2f1d6

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.exc

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit