Overview

overview

10

Static

static

1

URLScan

urlscan

1

https://amssh.co/fil...

windows10-ltsc_2021-x64

10

Analysis

  • max time kernel
    25s
  • max time network
    82s
  • platform
    windows10-ltsc_2021_x64
  • resource
    win10ltsc2021-20250410-en
  • resource tags

    arch:x64arch:x86image:win10ltsc2021-20250410-enlocale:en-usos:windows10-ltsc_2021-x64system
  • submitted
    18/04/2025, 19:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://amssh.co/file.exe

Score
10/10
vidarc466785b3a34d7b3c4d6db04a068b664credential_accessdiscoverystealer

Malware Config

Extracted

Family

vidar

Version

13.5

Botnet

c466785b3a34d7b3c4d6db04a068b664

C2

https://t.me/v00rd

https://steamcommunity.com/profiles/76561199846773220
Attributes
  • user_agent

    Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0

Signatures

  • Detect Vidar Stealer 52 IoCs
    stealer
  • Vidar

    Vidar is an infostealer based on Arkei stealer.

    stealervidar
  • Vidar family
    vidar
  • Downloads MZ/PE file 1 IoCs
  • Uses browser remote debugging 2 TTPs 25 IoCs

    Can be used control the browser and steal sensitive information such as credentials and session cookies.

    credential_accessstealer
  • Executes dropped EXE 3 IoCs
  • Suspicious use of SetThreadContext 2 IoCs
  • Drops file in Windows directory 1 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Delays execution with timeout.exe 1 IoCs
    defense_evasion
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 2 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs
  • Suspicious use of FindShellTrayWindow 20 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

    persistence
  • Uses Volume Shadow Copy WMI provider

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware
  • Uses Volume Shadow Copy service COM API

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://amssh.co/file.exe
    1⤵
    • Drops file in Windows directory
    • Checks processor information in registry
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Modifies registry class
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of WriteProcessMemory
    PID:6120
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2f0,0x2f4,0x2f8,0x2ec,0x378,0x7ffd43d9f208,0x7ffd43d9f214,0x7ffd43d9f220
      2⤵
        PID:5784
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1920,i,8681787498401263794,443559045954653405,262144 --variations-seed-version --mojo-platform-channel-handle=2220 /prefetch:3
        2⤵
        • Downloads MZ/PE file
        PID:5356
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2192,i,8681787498401263794,443559045954653405,262144 --variations-seed-version --mojo-platform-channel-handle=2188 /prefetch:2
        2⤵
          PID:2680
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2540,i,8681787498401263794,443559045954653405,262144 --variations-seed-version --mojo-platform-channel-handle=2704 /prefetch:8
          2⤵
            PID:2280
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3492,i,8681787498401263794,443559045954653405,262144 --variations-seed-version --mojo-platform-channel-handle=3536 /prefetch:1
            2⤵
              PID:4504
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3520,i,8681787498401263794,443559045954653405,262144 --variations-seed-version --mojo-platform-channel-handle=3540 /prefetch:1
              2⤵
                PID:4724
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4828,i,8681787498401263794,443559045954653405,262144 --variations-seed-version --mojo-platform-channel-handle=5100 /prefetch:8
                2⤵
                  PID:4980
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4904,i,8681787498401263794,443559045954653405,262144 --variations-seed-version --mojo-platform-channel-handle=5124 /prefetch:8
                  2⤵
                    PID:4984
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5660,i,8681787498401263794,443559045954653405,262144 --variations-seed-version --mojo-platform-channel-handle=5688 /prefetch:8
                    2⤵
                      PID:1016
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --always-read-main-dll --field-trial-handle=5700,i,8681787498401263794,443559045954653405,262144 --variations-seed-version --mojo-platform-channel-handle=5732 /prefetch:1
                      2⤵
                        PID:4668
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6064,i,8681787498401263794,443559045954653405,262144 --variations-seed-version --mojo-platform-channel-handle=6028 /prefetch:8
                        2⤵
                          PID:2144
                        • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6584,i,8681787498401263794,443559045954653405,262144 --variations-seed-version --mojo-platform-channel-handle=6516 /prefetch:8
                          2⤵
                            PID:724
                          • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6584,i,8681787498401263794,443559045954653405,262144 --variations-seed-version --mojo-platform-channel-handle=6516 /prefetch:8
                            2⤵
                              PID:3116
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5452,i,8681787498401263794,443559045954653405,262144 --variations-seed-version --mojo-platform-channel-handle=3524 /prefetch:8
                              2⤵
                                PID:4480
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --always-read-main-dll --field-trial-handle=6516,i,8681787498401263794,443559045954653405,262144 --variations-seed-version --mojo-platform-channel-handle=4308 /prefetch:1
                                2⤵
                                  PID:2368
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3464,i,8681787498401263794,443559045954653405,262144 --variations-seed-version --mojo-platform-channel-handle=6748 /prefetch:8
                                  2⤵
                                    PID:5664
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6112,i,8681787498401263794,443559045954653405,262144 --variations-seed-version --mojo-platform-channel-handle=6856 /prefetch:8
                                    2⤵
                                      PID:2784
                                    • C:\Users\Admin\Downloads\file.exe
                                      "C:\Users\Admin\Downloads\file.exe"
                                      2⤵
                                      • Executes dropped EXE
                                      • Suspicious use of SetThreadContext
                                      PID:4016
                                      • C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
                                        "C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
                                        3⤵
                                        • System Location Discovery: System Language Discovery
                                        PID:4864
                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"
                                          4⤵
                                          • Uses browser remote debugging
                                          PID:1680
                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0x220,0x224,0x228,0x1fc,0x22c,0x7ffd2239dcf8,0x7ffd2239dd04,0x7ffd2239dd10
                                            5⤵
                                              PID:5932
                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=2112,i,2692330626319774246,4410788025499860007,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=2108 /prefetch:2
                                              5⤵
                                                PID:5368
                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=1592,i,2692330626319774246,4410788025499860007,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=2156 /prefetch:3
                                                5⤵
                                                  PID:5372
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2396,i,2692330626319774246,4410788025499860007,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=2568 /prefetch:8
                                                  5⤵
                                                    PID:5760
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --remote-debugging-port=9223 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3256,i,2692330626319774246,4410788025499860007,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=3284 /prefetch:1
                                                    5⤵
                                                    • Uses browser remote debugging
                                                    PID:4836
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --remote-debugging-port=9223 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3240,i,2692330626319774246,4410788025499860007,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=3248 /prefetch:1
                                                    5⤵
                                                    • Uses browser remote debugging
                                                    PID:3784
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --remote-debugging-port=9223 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4244,i,2692330626319774246,4410788025499860007,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=4300 /prefetch:2
                                                    5⤵
                                                    • Uses browser remote debugging
                                                    PID:1720
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --remote-debugging-port=9223 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4564,i,2692330626319774246,4410788025499860007,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=4632 /prefetch:1
                                                    5⤵
                                                    • Uses browser remote debugging
                                                    PID:3612
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5192,i,2692330626319774246,4410788025499860007,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=5188 /prefetch:8
                                                    5⤵
                                                      PID:5088
                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5492,i,2692330626319774246,4410788025499860007,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=5508 /prefetch:8
                                                      5⤵
                                                        PID:3800
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default"
                                                      4⤵
                                                      • Uses browser remote debugging
                                                      PID:4968
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory=Default --edge-skip-compat-layer-relaunch
                                                        5⤵
                                                        • Uses browser remote debugging
                                                        PID:4836
                                                    • C:\Windows\SysWOW64\cmd.exe
                                                      "C:\Windows\system32\cmd.exe" /c timeout /t 11 & rd /s /q "C:\ProgramData\xbieu" & exit
                                                      4⤵
                                                        PID:2292
                                                        • C:\Windows\SysWOW64\timeout.exe
                                                          timeout /t 11
                                                          5⤵
                                                          • Delays execution with timeout.exe
                                                          PID:3448
                                                  • C:\Users\Admin\Downloads\file.exe
                                                    "C:\Users\Admin\Downloads\file.exe"
                                                    2⤵
                                                    • Executes dropped EXE
                                                    • Suspicious use of SetThreadContext
                                                    PID:5340
                                                    • C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
                                                      "C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
                                                      3⤵
                                                        PID:1204
                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"
                                                          4⤵
                                                          • Uses browser remote debugging
                                                          PID:3188
                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0x21c,0x220,0x224,0x1f8,0x228,0x7ffd2239dcf8,0x7ffd2239dd04,0x7ffd2239dd10
                                                            5⤵
                                                              PID:1288
                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=1992,i,3273462086833947551,597956247503706956,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=2068 /prefetch:3
                                                              5⤵
                                                                PID:2004
                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=2028,i,3273462086833947551,597956247503706956,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=2024 /prefetch:2
                                                                5⤵
                                                                  PID:2592
                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2388,i,3273462086833947551,597956247503706956,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=2364 /prefetch:8
                                                                  5⤵
                                                                    PID:1968
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --remote-debugging-port=9223 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3248,i,3273462086833947551,597956247503706956,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=3024 /prefetch:1
                                                                    5⤵
                                                                    • Uses browser remote debugging
                                                                    PID:5564
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --remote-debugging-port=9223 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3240,i,3273462086833947551,597956247503706956,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=3276 /prefetch:1
                                                                    5⤵
                                                                    • Uses browser remote debugging
                                                                    PID:5012
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --remote-debugging-port=9223 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4284,i,3273462086833947551,597956247503706956,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=4308 /prefetch:2
                                                                    5⤵
                                                                    • Uses browser remote debugging
                                                                    PID:5340
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --remote-debugging-port=9223 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4680,i,3273462086833947551,597956247503706956,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=4704 /prefetch:1
                                                                    5⤵
                                                                    • Uses browser remote debugging
                                                                    PID:1460
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5304,i,3273462086833947551,597956247503706956,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=5308 /prefetch:8
                                                                    5⤵
                                                                      PID:2928
                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5496,i,3273462086833947551,597956247503706956,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=5504 /prefetch:8
                                                                      5⤵
                                                                        PID:5180
                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"
                                                                      4⤵
                                                                      • Uses browser remote debugging
                                                                      PID:1160
                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0x21c,0x220,0x224,0x1f8,0x228,0x7ffd2239dcf8,0x7ffd2239dd04,0x7ffd2239dd10
                                                                        5⤵
                                                                          PID:2852
                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=1904,i,13160361298425571794,12487570301319587418,262144 --variations-seed-version --mojo-platform-channel-handle=2128 /prefetch:3
                                                                          5⤵
                                                                            PID:4720
                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=2100,i,13160361298425571794,12487570301319587418,262144 --variations-seed-version --mojo-platform-channel-handle=2096 /prefetch:2
                                                                            5⤵
                                                                              PID:3180
                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2360,i,13160361298425571794,12487570301319587418,262144 --variations-seed-version --mojo-platform-channel-handle=2820 /prefetch:8
                                                                              5⤵
                                                                                PID:4672
                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --remote-debugging-port=9223 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3208,i,13160361298425571794,12487570301319587418,262144 --variations-seed-version --mojo-platform-channel-handle=3284 /prefetch:1
                                                                                5⤵
                                                                                • Uses browser remote debugging
                                                                                PID:4772
                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --remote-debugging-port=9223 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3216,i,13160361298425571794,12487570301319587418,262144 --variations-seed-version --mojo-platform-channel-handle=3308 /prefetch:1
                                                                                5⤵
                                                                                • Uses browser remote debugging
                                                                                PID:4644
                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --remote-debugging-port=9223 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4280,i,13160361298425571794,12487570301319587418,262144 --variations-seed-version --mojo-platform-channel-handle=4300 /prefetch:2
                                                                                5⤵
                                                                                • Uses browser remote debugging
                                                                                PID:4004
                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --remote-debugging-port=9223 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4748,i,13160361298425571794,12487570301319587418,262144 --variations-seed-version --mojo-platform-channel-handle=4772 /prefetch:1
                                                                                5⤵
                                                                                • Uses browser remote debugging
                                                                                PID:5568
                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5288,i,13160361298425571794,12487570301319587418,262144 --variations-seed-version --mojo-platform-channel-handle=5312 /prefetch:8
                                                                                5⤵
                                                                                  PID:3636
                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5516,i,13160361298425571794,12487570301319587418,262144 --variations-seed-version --mojo-platform-channel-handle=5528 /prefetch:8
                                                                                  5⤵
                                                                                    PID:1240
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default"
                                                                                  4⤵
                                                                                  • Uses browser remote debugging
                                                                                  PID:2000
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=744,i,8681787498401263794,443559045954653405,262144 --variations-seed-version --mojo-platform-channel-handle=136 /prefetch:8
                                                                              2⤵
                                                                                PID:2004
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6732,i,8681787498401263794,443559045954653405,262144 --variations-seed-version --mojo-platform-channel-handle=6728 /prefetch:8
                                                                                2⤵
                                                                                  PID:1696
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3544,i,8681787498401263794,443559045954653405,262144 --variations-seed-version --mojo-platform-channel-handle=7048 /prefetch:8
                                                                                  2⤵
                                                                                    PID:4108
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
                                                                                  1⤵
                                                                                    PID:1040
                                                                                  • C:\Windows\system32\cmd.exe
                                                                                    C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
                                                                                    1⤵
                                                                                      PID:1736
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
                                                                                        2⤵
                                                                                          PID:6000
                                                                                      • C:\Windows\System32\rundll32.exe
                                                                                        C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                                                        1⤵
                                                                                          PID:4020
                                                                                        • C:\Users\Admin\Downloads\file.exe
                                                                                          "C:\Users\Admin\Downloads\file.exe"
                                                                                          1⤵
                                                                                          • Executes dropped EXE
                                                                                          PID:5516
                                                                                          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
                                                                                            "C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
                                                                                            2⤵
                                                                                              PID:1420
                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"
                                                                                                3⤵
                                                                                                • Uses browser remote debugging
                                                                                                PID:4504
                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0x21c,0x220,0x224,0x1f8,0x228,0x7ffd2239dcf8,0x7ffd2239dd04,0x7ffd2239dd10
                                                                                                  4⤵
                                                                                                    PID:1180
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default"
                                                                                                  3⤵
                                                                                                  • Uses browser remote debugging
                                                                                                  PID:4424
                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x264,0x268,0x26c,0x260,0x274,0x7ffd23ccf208,0x7ffd23ccf214,0x7ffd23ccf220
                                                                                                    4⤵
                                                                                                      PID:4980
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1808,i,6982591493742562461,16847512848251221696,262144 --variations-seed-version --mojo-platform-channel-handle=2056 /prefetch:3
                                                                                                      4⤵
                                                                                                        PID:2004
                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2016,i,6982591493742562461,16847512848251221696,262144 --variations-seed-version --mojo-platform-channel-handle=2024 /prefetch:2
                                                                                                        4⤵
                                                                                                          PID:3324
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2452,i,6982591493742562461,16847512848251221696,262144 --variations-seed-version --mojo-platform-channel-handle=2500 /prefetch:8
                                                                                                          4⤵
                                                                                                            PID:3084
                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --remote-debugging-port=9223 --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3492,i,6982591493742562461,16847512848251221696,262144 --variations-seed-version --mojo-platform-channel-handle=3548 /prefetch:1
                                                                                                            4⤵
                                                                                                            • Uses browser remote debugging
                                                                                                            PID:5540
                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --instant-process --pdf-upsell-enabled --remote-debugging-port=9223 --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3524,i,6982591493742562461,16847512848251221696,262144 --variations-seed-version --mojo-platform-channel-handle=3552 /prefetch:1
                                                                                                            4⤵
                                                                                                            • Uses browser remote debugging
                                                                                                            PID:4804
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default"
                                                                                                          3⤵
                                                                                                          • Uses browser remote debugging
                                                                                                          PID:984
                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x264,0x268,0x26c,0x260,0x274,0x7ffd353af208,0x7ffd353af214,0x7ffd353af220
                                                                                                            4⤵
                                                                                                              PID:2540
                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1776,i,3302613525770076636,435976139835257415,262144 --variations-seed-version --mojo-platform-channel-handle=2244 /prefetch:3
                                                                                                              4⤵
                                                                                                                PID:4336
                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2204,i,3302613525770076636,435976139835257415,262144 --variations-seed-version --mojo-platform-channel-handle=2196 /prefetch:2
                                                                                                                4⤵
                                                                                                                  PID:5328
                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2580,i,3302613525770076636,435976139835257415,262144 --variations-seed-version --mojo-platform-channel-handle=2696 /prefetch:8
                                                                                                                  4⤵
                                                                                                                    PID:3780
                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --remote-debugging-port=9223 --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3552,i,3302613525770076636,435976139835257415,262144 --variations-seed-version --mojo-platform-channel-handle=3608 /prefetch:1
                                                                                                                    4⤵
                                                                                                                    • Uses browser remote debugging
                                                                                                                    PID:4276
                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --instant-process --pdf-upsell-enabled --remote-debugging-port=9223 --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3588,i,3302613525770076636,435976139835257415,262144 --variations-seed-version --mojo-platform-channel-handle=3620 /prefetch:1
                                                                                                                    4⤵
                                                                                                                    • Uses browser remote debugging
                                                                                                                    PID:1760
                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5512,i,3302613525770076636,435976139835257415,262144 --variations-seed-version --mojo-platform-channel-handle=5556 /prefetch:8
                                                                                                                    4⤵
                                                                                                                      PID:5344
                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5528,i,3302613525770076636,435976139835257415,262144 --variations-seed-version --mojo-platform-channel-handle=5592 /prefetch:8
                                                                                                                      4⤵
                                                                                                                        PID:3160
                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5948,i,3302613525770076636,435976139835257415,262144 --variations-seed-version --mojo-platform-channel-handle=5980 /prefetch:8
                                                                                                                        4⤵
                                                                                                                          PID:5832
                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6056,i,3302613525770076636,435976139835257415,262144 --variations-seed-version --mojo-platform-channel-handle=6112 /prefetch:8
                                                                                                                          4⤵
                                                                                                                            PID:5448
                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6056,i,3302613525770076636,435976139835257415,262144 --variations-seed-version --mojo-platform-channel-handle=6112 /prefetch:8
                                                                                                                            4⤵
                                                                                                                              PID:3200
                                                                                                                      • C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
                                                                                                                        "C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
                                                                                                                        1⤵
                                                                                                                          PID:5752
                                                                                                                        • C:\Windows\system32\taskmgr.exe
                                                                                                                          "C:\Windows\system32\taskmgr.exe" /4
                                                                                                                          1⤵
                                                                                                                            PID:2888
                                                                                                                          • C:\Windows\system32\svchost.exe
                                                                                                                            C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                                                                                                                            1⤵
                                                                                                                              PID:5864
                                                                                                                            • C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
                                                                                                                              "C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
                                                                                                                              1⤵
                                                                                                                                PID:4748
                                                                                                                              • C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
                                                                                                                                "C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
                                                                                                                                1⤵
                                                                                                                                  PID:5692
                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
                                                                                                                                  1⤵
                                                                                                                                    PID:4312
                                                                                                                                  • C:\Windows\System32\cmd.exe
                                                                                                                                    "C:\Windows\System32\cmd.exe"
                                                                                                                                    1⤵
                                                                                                                                      PID:2680
                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
                                                                                                                                      1⤵
                                                                                                                                        PID:4072

                                                                                                                                      Network

                                                                                                                                      MITRE ATT&CK Enterprise v16

                                                                                                                                      Replay Monitor

                                                                                                                                      Loading Replay Monitor...

                                                                                                                                      Downloads

                                                                                                                                      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751
                                                                                                                                        Filesize

                                                                                                                                        734B

                                                                                                                                        MD5

                                                                                                                                        e192462f281446b5d1500d474fbacc4b

                                                                                                                                        SHA1

                                                                                                                                        5ed0044ac937193b78f9878ad7bac5c9ff7534ff

                                                                                                                                        SHA256

                                                                                                                                        f1ba9f1b63c447682ebf9de956d0da2a027b1b779abef9522d347d3479139a60

                                                                                                                                        SHA512

                                                                                                                                        cc69a761a4e8e1d4bf6585aa8e3e5a7dfed610f540a6d43a288ebb35b16e669874ed5d2b06756ee4f30854f6465c84ee423502fc5b67ee9e7758a2dab41b31d3

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FD2419AD66A6731F837A249AC4035040_0C1608F7509137144E257017D76A172E
                                                                                                                                        Filesize

                                                                                                                                        345B

                                                                                                                                        MD5

                                                                                                                                        908168742aef71320f35b59c7e44e3f7

                                                                                                                                        SHA1

                                                                                                                                        09bbb1482be30a9b9d3af6ae9c3cc6cfc7ecd098

                                                                                                                                        SHA256

                                                                                                                                        99be50ea87b64b6c4060c7a45a44ccc07706ff3027d91a5ce4b36d3033573b41

                                                                                                                                        SHA512

                                                                                                                                        3694c85e3130e1768f973ca87edc93176495d7adf122ee473fb9faff821b990e6e64f0ae7580a8c1dabb4b3c139a991c5fbc5cc0a9689fe946dbb23553f3b481

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
                                                                                                                                        Filesize

                                                                                                                                        192B

                                                                                                                                        MD5

                                                                                                                                        3fac49e555e439fac470723e852148da

                                                                                                                                        SHA1

                                                                                                                                        d8a58b722ecee244388654ff627b29ea8ebb7ac6

                                                                                                                                        SHA256

                                                                                                                                        78a51e760623b79b30b70d79fefabfe9ede2c45909d88c9aa8f11ea10d4e869f

                                                                                                                                        SHA512

                                                                                                                                        4d96396d69b3771b7defacf5cb79ce5c8d88f4b1369d9f2c03a511ced633a0bfedcbb33abdf4b04058c11a67ca6ea191f6c398baef3986e99bd39113845b32c0

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FD2419AD66A6731F837A249AC4035040_0C1608F7509137144E257017D76A172E
                                                                                                                                        Filesize

                                                                                                                                        540B

                                                                                                                                        MD5

                                                                                                                                        69c80d26146d4f4ca1a5946551e57a80

                                                                                                                                        SHA1

                                                                                                                                        ed8e6c3bcd4a23fdc7401ef6b3073968062df226

                                                                                                                                        SHA256

                                                                                                                                        4a50980da9a393b447ea6131d5c98cf39ca251558e81794b478ef022c71c102b

                                                                                                                                        SHA512

                                                                                                                                        ed1fd9ff3b3619e2959f04e9663f62d929772037415c71f3aed19ce7b4281649ba43f8d5881403b17d821c666d8ffb8a6f5f3c43caa8d06f26021743afac978e

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
                                                                                                                                        Filesize

                                                                                                                                        40B

                                                                                                                                        MD5

                                                                                                                                        be457f2cb1ff7d1eb8ee49d7de816274

                                                                                                                                        SHA1

                                                                                                                                        3e70b4fe3812cbd57c498a1bf50d4ea5f86d6db1

                                                                                                                                        SHA256

                                                                                                                                        f4481593ca0419cefdf11952f15fe2dc3a14a0e36802788e8511583b469f777c

                                                                                                                                        SHA512

                                                                                                                                        5c9d2e96774fd897b537dfb201261d7bd19c896b9bbed3d360156ad5053d1595045fd2a2a326ffc3c953056024d7bfed162f7033f228ae37e5a5bc93af932a94

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\2e2e1b52-753a-4ff4-9045-dc8fbeca4921.tmp
                                                                                                                                        Filesize

                                                                                                                                        1B

                                                                                                                                        MD5

                                                                                                                                        5058f1af8388633f609cadb75a75dc9d

                                                                                                                                        SHA1

                                                                                                                                        3a52ce780950d4d969792a2559cd519d7ee8c727

                                                                                                                                        SHA256

                                                                                                                                        cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

                                                                                                                                        SHA512

                                                                                                                                        0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
                                                                                                                                        Filesize

                                                                                                                                        649B

                                                                                                                                        MD5

                                                                                                                                        973155b30e498a3d61e72e004144db7e

                                                                                                                                        SHA1

                                                                                                                                        dfb8b344c87f73b23004e3964810d6eb35f34e81

                                                                                                                                        SHA256

                                                                                                                                        39a6ce6e1d84f725745825157f40ef6865bdc6cf63057b1ef54eb0f08d1d4567

                                                                                                                                        SHA512

                                                                                                                                        564d52a37d371aa1debef6a3882c4f315a345e0f23ad4e9130fc22f2270ad8732da91a33bed15819c83b6a9b160b3c4c960eb66a4b6f674d509da5e213259ab4

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0
                                                                                                                                        Filesize

                                                                                                                                        44KB

                                                                                                                                        MD5

                                                                                                                                        e16f0fd7ab75d0cf6d4a09f1675b2a77

                                                                                                                                        SHA1

                                                                                                                                        a555e063dabc0c77a5d7e94b7dea76be89f655ba

                                                                                                                                        SHA256

                                                                                                                                        16459e2e70530bf3e66bdde7919f4a98046271555065f5421249c1721f98952c

                                                                                                                                        SHA512

                                                                                                                                        bd4bfd76332813aa37ef0f42e7c2285aeff376cdd2bb8900f0f9d1b1800b818685e2310a6a99a41c084933f9839e61ee9e7778b4c881ce3d0882812b41fb7f25

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1
                                                                                                                                        Filesize

                                                                                                                                        264KB

                                                                                                                                        MD5

                                                                                                                                        ab22d03c4409af6a671ec059a1541b7d

                                                                                                                                        SHA1

                                                                                                                                        5d3cf22d2114ee134ec6ee2f97a0ec227cb23940

                                                                                                                                        SHA256

                                                                                                                                        46aba1cd08747b763db936fbc5a926f75fa407ce7a5eeecd1b4dc5194ab7a9c9

                                                                                                                                        SHA512

                                                                                                                                        9a797220d138c6d0aad522f12d8b559c9e404dc6e0ec98c2ba72f8208d936f7f62da9243e153e621dd22598915a97633ebc12dbb7958c70e1ebaccb6962313a9

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3
                                                                                                                                        Filesize

                                                                                                                                        4.0MB

                                                                                                                                        MD5

                                                                                                                                        e3bb44e03e74d30a7d6442744f9b99ae

                                                                                                                                        SHA1

                                                                                                                                        f7c469a111b7afbf5f94fb80b16cfa2cf9411363

                                                                                                                                        SHA256

                                                                                                                                        f91d7a26ad36cfc17894457ef0d5e93a3b5f0e065e30a82a75d893a019059333

                                                                                                                                        SHA512

                                                                                                                                        4a581476fe5824aab0b288e47e4217adb6bcdd4387f6b9afc0e1bb800291c7fb51fd4bce60375ac74747bbee89a45fdf9f39ffd71033a766e82c2320e7140f2e

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
                                                                                                                                        Filesize

                                                                                                                                        320B

                                                                                                                                        MD5

                                                                                                                                        5c0a2d6189653fe7fe6189661f2eb2fe

                                                                                                                                        SHA1

                                                                                                                                        94b7850315fbac25fbb5cd98bf92f446a37744fd

                                                                                                                                        SHA256

                                                                                                                                        dcd2a75473c5a43834a9bfb4cd73ebc571759b61f79243e38ffd743886e42b1e

                                                                                                                                        SHA512

                                                                                                                                        098e9662eacc0be9434747ae4bae470037173cfe0e5503b190a1aef6739689b1f7097fbc251760893fd44a55b62392bdd37233e26d7d114e2f68d3cab23785cf

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
                                                                                                                                        Filesize

                                                                                                                                        329B

                                                                                                                                        MD5

                                                                                                                                        7551786c357e25be358761f12c6a8378

                                                                                                                                        SHA1

                                                                                                                                        df2a899a7f2d9cbd2c7707e82a7a94bfbf231109

                                                                                                                                        SHA256

                                                                                                                                        27eec98c24943e12aeedad9a89ba8ae05458c6baa92ab222ce63cc6b9abd71ad

                                                                                                                                        SHA512

                                                                                                                                        7382e4ba9a5779b6bf84c4af3e9e376049914a930c66f0e8d68d237ba73a80b0978bf9ee482b107d03ca445be6d5c09def8e4f552d46a277285bec1c01da2a47

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000003.log
                                                                                                                                        Filesize

                                                                                                                                        3KB

                                                                                                                                        MD5

                                                                                                                                        2125a2205b34ba116b247a2c0f22128a

                                                                                                                                        SHA1

                                                                                                                                        8ea64faf6f00eb15963cc5cd6ea09e6ca09a4431

                                                                                                                                        SHA256

                                                                                                                                        754db8daaa79480b2f55639397bda70a5e4c3495d58c637ed48471ca795b80aa

                                                                                                                                        SHA512

                                                                                                                                        bb91ec363b798f48a7c3bfa093298898680292713cf86147679c3bb29139a820ba278cbf27d9fb55c7c91182f9a2d307793ceeb7a3e0f00d91b533a806c09dfd

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG
                                                                                                                                        Filesize

                                                                                                                                        336B

                                                                                                                                        MD5

                                                                                                                                        f440ed9a0b6fd08a48020a3bf8c5ffdd

                                                                                                                                        SHA1

                                                                                                                                        97d6f3d61f7d7995284706e2be20d3c49661f7b8

                                                                                                                                        SHA256

                                                                                                                                        6884a1fe50690d87ee16d7f549e80fa81b3bf46d064c366f531e9c12849f2131

                                                                                                                                        SHA512

                                                                                                                                        39b6ba373031191880aa2722b46cda3c7909c8dad743d3e3eccb4cf119570024c055f0300cf4066e5b109865634eec80a5e08484e627686f93cb3c7dfb0a36fc

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0
                                                                                                                                        Filesize

                                                                                                                                        130KB

                                                                                                                                        MD5

                                                                                                                                        b0282ba76588817dcdbaad3068e45f06

                                                                                                                                        SHA1

                                                                                                                                        5eaf3c859f28a587f00f1f71efaa181e3765f933

                                                                                                                                        SHA256

                                                                                                                                        c9e597ab095222d0622648b2605fdc3523801e5edb5349181b101e09ec7fe537

                                                                                                                                        SHA512

                                                                                                                                        03450c0b9329a554c0cab1843b0bee994c4e2cc8f64431cae6c662bc663916c903690b14501c53c4fa71930d331cef241087a0eee15fa264562f7eb20290d9cc

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_1
                                                                                                                                        Filesize

                                                                                                                                        345KB

                                                                                                                                        MD5

                                                                                                                                        c0e760d09fd660dc759424f85e2eff2e

                                                                                                                                        SHA1

                                                                                                                                        bb273b889b1d1be067b2926f663c5b71041e44a1

                                                                                                                                        SHA256

                                                                                                                                        3fb8e2bc4223ee9afea8211b23df2f0ff00d5e915af358862da6f31a451d5b4c

                                                                                                                                        SHA512

                                                                                                                                        fbc87453977111da7ae60b15fefeafad8e89c6baf3b77d14e401ae3c3b1bc9a691a9c349746def03e5b2f8acd3b9174f014888002b8b3b379b2e27b30898e1dc

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
                                                                                                                                        Filesize

                                                                                                                                        48B

                                                                                                                                        MD5

                                                                                                                                        0169910f190d21aba3256b1da53ddae3

                                                                                                                                        SHA1

                                                                                                                                        4f5ffc6166bbabae4f52786ad4a5fbbd718b5d66

                                                                                                                                        SHA256

                                                                                                                                        19ce6a1e4ebd4271c23ae0fac1b424a41e22d5870425ae59ed2e02c055fc815b

                                                                                                                                        SHA512

                                                                                                                                        671dc10efe75c95c1c5f362e4aa6c115afe6c330f45bbee3d785f0ffa48e2ec5eecfafa7c3f07f4fae21fc2cf8d28a0916bd264212ff864ccbe87312e6138a9e

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
                                                                                                                                        Filesize

                                                                                                                                        308B

                                                                                                                                        MD5

                                                                                                                                        4e7982b86b3d7d916b7722aa3b3f0669

                                                                                                                                        SHA1

                                                                                                                                        ce4e874903cb71d9012cc7654ca7a6ba5e4f7efd

                                                                                                                                        SHA256

                                                                                                                                        cbee1100a2c9add47776b7e416b58a809f6feb9fe458bef8185b0c176b5db340

                                                                                                                                        SHA512

                                                                                                                                        c4dda8b36e90a327061dab901730f47fc23cca129b02a157f1ed0c566a1d6dddf272a4e74d3acbf14eb3a7fac0820387a584db9e19ca299724ed7f3030f891bb

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
                                                                                                                                        Filesize

                                                                                                                                        317B

                                                                                                                                        MD5

                                                                                                                                        1f161b71e47f38cf7875b056d05478d8

                                                                                                                                        SHA1

                                                                                                                                        af7c5099b100fc473c1a10c96a856238fae5a6fa

                                                                                                                                        SHA256

                                                                                                                                        976256004ae57d1e3490a0cfc26e3fea8a4ec4e9f9f99dcb34643c9cf1acb6b5

                                                                                                                                        SHA512

                                                                                                                                        ebe6c6b1ab8e393f456c2c278f38937f588ab13886d8e257e8f9f927319b441e706a7e66fc746c6bdefb1a65412300d5d508be56bdf52e10ac6a72f5ee6c413d

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
                                                                                                                                        Filesize

                                                                                                                                        348B

                                                                                                                                        MD5

                                                                                                                                        62bd129f46bd141e6bd78e4771089698

                                                                                                                                        SHA1

                                                                                                                                        039d490cd899fdee176d439b15e3d595c5c5b063

                                                                                                                                        SHA256

                                                                                                                                        64893ed5f4fe3d916faccbb9f5145d1e1c6ee5571f744e7832ccc021a2ca7701

                                                                                                                                        SHA512

                                                                                                                                        29732b3396a7cadc2e3335974e7918ff662e13ea7c1680c1228e36bf1cc58750f0488de367b017df905ca6863e344b92e3e2e0593ece0f0d866ce352eceb4581

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
                                                                                                                                        Filesize

                                                                                                                                        321B

                                                                                                                                        MD5

                                                                                                                                        a6dd75f13bb10fcad689007dbdbe7dc0

                                                                                                                                        SHA1

                                                                                                                                        5bf8fbb1fe4d6acac62c348ba9e25c9cdccbeab8

                                                                                                                                        SHA256

                                                                                                                                        6b3593f68f40b6409e7241e58a3a78cf7973dddc1d7433130a3f3a442fbae63b

                                                                                                                                        SHA512

                                                                                                                                        38fcf6e0a5236f04598ac563d73c019ab230a1ce703a362dd7c5997f89397fe62ba2618aefdef58fa4cf8e430e198379b099e5ec3098bcae12253ad09cd822a3

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager-journal
                                                                                                                                        Filesize

                                                                                                                                        12KB

                                                                                                                                        MD5

                                                                                                                                        b2dee38d755967fd28a5073b82c5a81e

                                                                                                                                        SHA1

                                                                                                                                        96f042cb24da531d97fa3c6fd40eea86b796364e

                                                                                                                                        SHA256

                                                                                                                                        a7c2e84d98c1986d38545556c555120dfe35f60f1d1f54ec2915a44af422ab8f

                                                                                                                                        SHA512

                                                                                                                                        b346864a2af0f113cd55bfa13cd6e56623184ee2348647f32a6ea910759cc4d1b8698e577e73c546f2af2125e2799e7adf6cbb20a0971ed3642ac41a92f39c9c

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log
                                                                                                                                        Filesize

                                                                                                                                        24KB

                                                                                                                                        MD5

                                                                                                                                        4b8b9830bcb75a870d218f1a0c98d017

                                                                                                                                        SHA1

                                                                                                                                        0a7cb9bfe8c616534e8e0017f2bf5c76f40a7256

                                                                                                                                        SHA256

                                                                                                                                        aa32520954b15848d4add2aa9a6248c30ec2c4e7e091933c4c1e423318fb05fc

                                                                                                                                        SHA512

                                                                                                                                        09c5e520c9fc243dd67a7b5d0a766def44493228ef13d05c2457270ce5c1f3bb2009d98d8eb80c0c1526319af1b035b92f37bfd1e4de3f7beff7079289dbda4b

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG
                                                                                                                                        Filesize

                                                                                                                                        320B

                                                                                                                                        MD5

                                                                                                                                        a48704a42aa13a93b1c24a55d0a89903

                                                                                                                                        SHA1

                                                                                                                                        70262524681d125ee84b069f5b8c0f9b2b3ddeee

                                                                                                                                        SHA256

                                                                                                                                        6777161e2669aa600540edccb920a098e442d1a5d3d4374f2b207bb4a006dfc8

                                                                                                                                        SHA512

                                                                                                                                        5d78e2d0a1878c1688b7b54fffd4df66eef10c64cc56014f32707e08aacad8db19ca02caa247f1f1c3c09beba28205eaf65382cd3068f89cb9bec2abffc3eb8a

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log
                                                                                                                                        Filesize

                                                                                                                                        1KB

                                                                                                                                        MD5

                                                                                                                                        ebfbd45787532cd48de6f5b06eb570c7

                                                                                                                                        SHA1

                                                                                                                                        7c5466223e3a87e215137245de89dc75fdedf0f3

                                                                                                                                        SHA256

                                                                                                                                        fd64a0e1a20173086c23b74dc837da3629d7dd1e04ffcc9833f11778cff4f15c

                                                                                                                                        SHA512

                                                                                                                                        13ebf5c96ffadb6cc7ebcc1c6c16ac1be13ef8067b55dbf2c6e681452e6a3c5d49d3cd1900dbe9d1db212255e25e4233faf3b7b52883bacf3c508871f7f80f00

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
                                                                                                                                        Filesize

                                                                                                                                        338B

                                                                                                                                        MD5

                                                                                                                                        1d131a280d18ffd0c41275c1f8e40337

                                                                                                                                        SHA1

                                                                                                                                        d86629ba26abe8159c3fe6a4d0d499ef31c3c04b

                                                                                                                                        SHA256

                                                                                                                                        82296393502100d7bfebcb54f34c0d1ef224a8cf63185593c410501c89236a97

                                                                                                                                        SHA512

                                                                                                                                        eb9fde618622061ae3f7c2f2d5c5520b3c13b28d590e3e224fe365db146469b11754866df9e05e256c8010d68a43ce67ac7d9b407ea825a0d357237da9d6c645

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0
                                                                                                                                        Filesize

                                                                                                                                        44KB

                                                                                                                                        MD5

                                                                                                                                        6d46fca234039b48fe70b324b5d18a48

                                                                                                                                        SHA1

                                                                                                                                        01e011c2aa95aabdbaa0e943d82226413b039bcc

                                                                                                                                        SHA256

                                                                                                                                        092d84e0fec3601ad55baf81efd6e8e84b9c4b96b6d35f31fc2e5ddaf95da34a

                                                                                                                                        SHA512

                                                                                                                                        f6964f7a51cbf2f41781cfb8ab6e7be623481353f9dc5fb1c898082a2ccb77a6d9512d2d7109da42883d30686811507821656c36ca51bf018abaa503d1dbeeb3

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1
                                                                                                                                        Filesize

                                                                                                                                        264KB

                                                                                                                                        MD5

                                                                                                                                        5c75be5fe049dd1616539d95370b79fd

                                                                                                                                        SHA1

                                                                                                                                        c0a0a8ceb06ced557f84eee0234d0a80960ffc0f

                                                                                                                                        SHA256

                                                                                                                                        ddd1ad405502b00ca840da27e45b4714b11f136ce85d1ce9570e5c2fdfb31e6e

                                                                                                                                        SHA512

                                                                                                                                        732d45e5efecef79cbb3ae76796f9789f7e4b6062b76ddd6284eda1be5dd403aaf2312be2488034c8b88524c902e4e584308d3b6d1aad61a102e5820bbe4132f

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3
                                                                                                                                        Filesize

                                                                                                                                        4.0MB

                                                                                                                                        MD5

                                                                                                                                        6ba52f1e5ecd6e9503e8da1b92abda08

                                                                                                                                        SHA1

                                                                                                                                        0b23a8c203226342b76dd33b56062b9c9810cce1

                                                                                                                                        SHA256

                                                                                                                                        0095d3d6231bba75b19c216e64012ac68eb63d29bcdccae02dfeef8a3a8f2f0d

                                                                                                                                        SHA512

                                                                                                                                        39d9ce49b68955daa987425972b251c6eb5212effd9f60519fdbfbb933b03aebeb94c6d956fec9c358b2b80c348aaf227291cb47b4a1b6d908313130ae0d07bd

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version
                                                                                                                                        Filesize

                                                                                                                                        13B

                                                                                                                                        MD5

                                                                                                                                        a4710a30ca124ef24daf2c2462a1da92

                                                                                                                                        SHA1

                                                                                                                                        96958e2fe60d71e08ea922dfd5e69a50e38cc5db

                                                                                                                                        SHA256

                                                                                                                                        7114eaf0a021d2eb098b1e9f56f3500dc4f74ac68a87f5256922e4a4b9fa66b7

                                                                                                                                        SHA512

                                                                                                                                        43878e3bc6479df9e4ebd11092be61a73ab5a1441cd0bc8755edd401d37032c44a7279bab477c01d563ab4fa5d8078c0ba163a9207383538e894e0a7ff5a3e15

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                                                                                                                                        Filesize

                                                                                                                                        78KB

                                                                                                                                        MD5

                                                                                                                                        6195bb75bfada8c3d39fbb392833d70b

                                                                                                                                        SHA1

                                                                                                                                        6919c2990c069da9e7255853a29c7a0aaa55ab4d

                                                                                                                                        SHA256

                                                                                                                                        d260546624bbe0a53adb313c0df5ddd4c28283db06becc6d81cc25b7fb6ddd75

                                                                                                                                        SHA512

                                                                                                                                        92db92d4e115e56d149f75eae91d3871583a648971fbb67d685bc580f07cfce960d4ae63721d1a4bf22b0ec76bf840854a889617741e4a22a8c2e7139e48c539

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
                                                                                                                                        Filesize

                                                                                                                                        86B

                                                                                                                                        MD5

                                                                                                                                        16b7586b9eba5296ea04b791fc3d675e

                                                                                                                                        SHA1

                                                                                                                                        8890767dd7eb4d1beab829324ba8b9599051f0b0

                                                                                                                                        SHA256

                                                                                                                                        474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680

                                                                                                                                        SHA512

                                                                                                                                        58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                        Filesize

                                                                                                                                        280B

                                                                                                                                        MD5

                                                                                                                                        50682d36ea29dc25028cb8219fc8a699

                                                                                                                                        SHA1

                                                                                                                                        f986acb0971c6b7337f450510cab2cb6f74164e8

                                                                                                                                        SHA256

                                                                                                                                        da7fcfc287a041747fbcd486e0e8791a5fb30c64e345e73918d41cee1f655484

                                                                                                                                        SHA512

                                                                                                                                        5e582708ff6a5e6fd56da0a1d5448fbde1588f704178a8347880357c8b29a113cb0660dc22ed2702ba34a7be7d7d7ac37451c16f473d03ce8273025e35d9bcc8

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                        Filesize

                                                                                                                                        280B

                                                                                                                                        MD5

                                                                                                                                        c491ebd605eb9306a5c27218432124ff

                                                                                                                                        SHA1

                                                                                                                                        5adb4739fe902affec339eb638272bc329a08707

                                                                                                                                        SHA256

                                                                                                                                        5a34685a45f0d6c9d1c85d4f676c8f9ed4270dce44193f6b53abf84130c8f6f5

                                                                                                                                        SHA512

                                                                                                                                        f257da799495a9c7184b02874ca6a743830684e7da522b3ad9fd5af8507a7f0726e5cc53dac6fdf644a5af417805cf959bad403899ad06332e9381f5577b758c

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                        Filesize

                                                                                                                                        280B

                                                                                                                                        MD5

                                                                                                                                        6704d1c4d61573d7952ba248238b1150

                                                                                                                                        SHA1

                                                                                                                                        26768c5cfb682afb97953836de24c2da338481f4

                                                                                                                                        SHA256

                                                                                                                                        aaa3a751de7affb56db7258faa4a79ba8bfc2594bfb22b031fad1144cd193b1e

                                                                                                                                        SHA512

                                                                                                                                        116ff51ee1396f163188010c0e0301959ff4431b24e2d16de5f53d3d32bc424b49bdc55dad0e4aa60c78ea665cd54a5dfb5ace67008adc4fe3374f409b9a68b0

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                        Filesize

                                                                                                                                        280B

                                                                                                                                        MD5

                                                                                                                                        73539f441954041ea73eeea934a41b7b

                                                                                                                                        SHA1

                                                                                                                                        87d08311d185487cafa40888c1926bc23f2e8258

                                                                                                                                        SHA256

                                                                                                                                        00c5d7b9e6e0953fc319949276f3d46d5b01f99f90f31ab059e377286acc97d8

                                                                                                                                        SHA512

                                                                                                                                        e5d26dbfc719ac2bc20ebaf9e43b36e17776d41c278cab5184be96813078147c0274c11f6f7879cad207abdc0b05badadaddfc88379b178f81f1cfb82e720fcb

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                        Filesize

                                                                                                                                        280B

                                                                                                                                        MD5

                                                                                                                                        093436bd5e22d03a1a676742f575e3fb

                                                                                                                                        SHA1

                                                                                                                                        a61f7599e0b82d38a81374936b6e9d80947e41c2

                                                                                                                                        SHA256

                                                                                                                                        753806a23329bdf53f1ae58338502693f8db517578f579e0dbf39f1a08dc94b0

                                                                                                                                        SHA512

                                                                                                                                        e10e2a6d2e1ae0098768824323400b52e6268e98596ef94cddd2893533d8b43c3506dbd559aa2811a2670afd6900eb96c8ea7584454b1ef15210c2454c0b5d1c

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json
                                                                                                                                        Filesize

                                                                                                                                        2B

                                                                                                                                        MD5

                                                                                                                                        99914b932bd37a50b983c5e7c90ae93b

                                                                                                                                        SHA1

                                                                                                                                        bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

                                                                                                                                        SHA256

                                                                                                                                        44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

                                                                                                                                        SHA512

                                                                                                                                        27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps
                                                                                                                                        Filesize

                                                                                                                                        107KB

                                                                                                                                        MD5

                                                                                                                                        2b66d93c82a06797cdfd9df96a09e74a

                                                                                                                                        SHA1

                                                                                                                                        5f7eb526ee8a0c519b5d86c845fea8afd15b0c28

                                                                                                                                        SHA256

                                                                                                                                        d4c064db769b3c109da2ed80a53fbab00987c17421a47921e41e213781d67954

                                                                                                                                        SHA512

                                                                                                                                        95e45c0aea0e704be5f512dffaae377d4abef78da99b3bca769264d69be20f2570daf2f47905645217e1b2696e42b101f26149219f148b4d6dd97a6c2868b6f5

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports
                                                                                                                                        Filesize

                                                                                                                                        2B

                                                                                                                                        MD5

                                                                                                                                        d751713988987e9331980363e24189ce

                                                                                                                                        SHA1

                                                                                                                                        97d170e1550eee4afc0af065b78cda302a97674c

                                                                                                                                        SHA256

                                                                                                                                        4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                                                                                                                        SHA512

                                                                                                                                        b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
                                                                                                                                        Filesize

                                                                                                                                        40B

                                                                                                                                        MD5

                                                                                                                                        20d4b8fa017a12a108c87f540836e250

                                                                                                                                        SHA1

                                                                                                                                        1ac617fac131262b6d3ce1f52f5907e31d5f6f00

                                                                                                                                        SHA256

                                                                                                                                        6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

                                                                                                                                        SHA512

                                                                                                                                        507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\e1af241f-c1ea-41bf-97a7-aeffa1a0b157.tmp
                                                                                                                                        Filesize

                                                                                                                                        1KB

                                                                                                                                        MD5

                                                                                                                                        3991678c84242646901fce39cec5b1fd

                                                                                                                                        SHA1

                                                                                                                                        0d251bddc0bef4e50a117d6c9d7b08976ba35234

                                                                                                                                        SHA256

                                                                                                                                        e41bf400654a4a3396dccf655e15e25781a618c6210aa5e5481d39e52414d40a

                                                                                                                                        SHA512

                                                                                                                                        00115b583a7cf7f3903807157000ee51afae3c4af86f372ca35c01e4ede0c968981814eff488d6d0d3c566c0ef5b93ef8ce702badb72884a0bca0fce993c723f

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                        Filesize

                                                                                                                                        15KB

                                                                                                                                        MD5

                                                                                                                                        6e8e0193fb3aa6489deec4383ba9e6f8

                                                                                                                                        SHA1

                                                                                                                                        39619a4637d677cd4be4d9fb0c7fd3e482dcd565

                                                                                                                                        SHA256

                                                                                                                                        9ca6a0e4b5f7c78a1172fb999e92a3af0c093c3e2eb47a9b1221c8eb288fe009

                                                                                                                                        SHA512

                                                                                                                                        7fe0f58e29f0e1157772d0b3512dd0ad94dc55cfc27fc69bc3f85d6f6ff70a0812d9eea168ae9049b8765a6a355b80b17c0a29cba624cfa2d9168456bc4e0b13

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
                                                                                                                                        Filesize

                                                                                                                                        36KB

                                                                                                                                        MD5

                                                                                                                                        a5b2cd9f8542b0afd00f06f607f6fb6d

                                                                                                                                        SHA1

                                                                                                                                        250dd7922105de5f717e1afd97ec5727a0ee247b

                                                                                                                                        SHA256

                                                                                                                                        84fa234d1124abfc24735ee9e9b6713621c3ac7a64bd2a6f5872edc1f73f02f6

                                                                                                                                        SHA512

                                                                                                                                        5ca513ba40f4bc055e4e0ee3d35b1491a9aeff2353e14da99d9e094ed176fa601880baadcb0d57dac5c0323ccaaf74a7379d891a677b24839e6b235803ba42b8

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\5cb4ebaf-2228-469a-ae44-7449152ffb03\index-dir\the-real-index
                                                                                                                                        Filesize

                                                                                                                                        2KB

                                                                                                                                        MD5

                                                                                                                                        a75e8c0526c9d514a20b29c03da4cff1

                                                                                                                                        SHA1

                                                                                                                                        6a318a12d315a5fcaea38c7cdfb1d4f60e47cbd7

                                                                                                                                        SHA256

                                                                                                                                        05d0cf8c2fdd0f591165d52eccf21792bd816725a94255a1413ba37d55c92560

                                                                                                                                        SHA512

                                                                                                                                        4ddc736854d3d5f1f1c7796750eedb35ea43eb7c6c799adf627609e6bab77f450f29448535ee0ea3a2beeeadbcaebbd55791e1583d5753815c79930a4eda313b

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\5cb4ebaf-2228-469a-ae44-7449152ffb03\index-dir\the-real-index
                                                                                                                                        Filesize

                                                                                                                                        2KB

                                                                                                                                        MD5

                                                                                                                                        74ea02f8fc432521285ddcef10b1ac71

                                                                                                                                        SHA1

                                                                                                                                        85560dc7fa4ca3e8951b8d7ae17e47017b2927ba

                                                                                                                                        SHA256

                                                                                                                                        08fbce1d2fb0090fc68668bba489efb0e63d20997c89e4c811cef6cf29bbbe0f

                                                                                                                                        SHA512

                                                                                                                                        da65c9577bf51787a88dd4c9c3882afbb9b92f859b259f2eac118ba1aeaa211bbae9e9f03085ad0192d448bb90d2075ca56a328e9dc289a993d42ef90908ae55

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\5cb4ebaf-2228-469a-ae44-7449152ffb03\index-dir\the-real-index~RFe585a60.TMP
                                                                                                                                        Filesize

                                                                                                                                        2KB

                                                                                                                                        MD5

                                                                                                                                        82235841fda1b12780dcaeebf6a1ad4a

                                                                                                                                        SHA1

                                                                                                                                        cbea6b7b4aadfbf036a9afb114f6e1d5d9fc6f54

                                                                                                                                        SHA256

                                                                                                                                        d5218491463291e06593c006405075e3275ccce8cc92c39aa7a8b9343a5f130a

                                                                                                                                        SHA512

                                                                                                                                        45324659054e3dbdb84113fe30ba10df1818dd581b86a549c223d996c8df66997e3b070b5d382898f2405f491ac40597235f98ab84f4db2f6b8b02fee6569e67

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\5cb4ebaf-2228-469a-ae44-7449152ffb03\index-dir\the-real-index~RFe588632.TMP
                                                                                                                                        Filesize

                                                                                                                                        2KB

                                                                                                                                        MD5

                                                                                                                                        056381491e738cec64d166e738c8625f

                                                                                                                                        SHA1

                                                                                                                                        512f46f1546fc0d7b975480fc4f9206a1f315cbb

                                                                                                                                        SHA256

                                                                                                                                        fcd146cf223f6be4a348d8d1a4e0725743c6dd3fb904a98676e32062acd26b94

                                                                                                                                        SHA512

                                                                                                                                        b256ee5dc7f9160da9fd6e93c5e03f0de40d6e371b28c181af85236916bb3ecee47ace6503b7495b71099312ea8b704bfbfb4f527ba717b01e754646323f49d5

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log
                                                                                                                                        Filesize

                                                                                                                                        22KB

                                                                                                                                        MD5

                                                                                                                                        99f1a487a1270876de63c995994a9653

                                                                                                                                        SHA1

                                                                                                                                        1259c2335a3ffbe24d6b838f398e33e7b8d06fcc

                                                                                                                                        SHA256

                                                                                                                                        52b5fde68e595dfd91828ee6c358b1bc464ab110ec1f710f33b721752788179d

                                                                                                                                        SHA512

                                                                                                                                        b66754baed0f38521d4e91d3254182ac8e537269518dd4fc396856e8275caa10dffc630b22e531d196e4c0b97d4533d12cdeb104dfbd590bfa7d002edefffaf4

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                        Filesize

                                                                                                                                        40KB

                                                                                                                                        MD5

                                                                                                                                        3463b5989c52be77f1ab18019e33dc46

                                                                                                                                        SHA1

                                                                                                                                        b243389fad303f41e0883ad07e582b40e18d63b8

                                                                                                                                        SHA256

                                                                                                                                        9f2753bae668c65efafaf17ff43b1c61e413fd966bad954b57449326c2f93acb

                                                                                                                                        SHA512

                                                                                                                                        f4ac06b4e94d7e6cd05e3ca43bea18c68912dd6f4d03d3206fc651377dd7f250ce85dcecc51cae4d1fb7376b8973c2f742bffeb35d457195078204315318fe86

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                        Filesize

                                                                                                                                        49KB

                                                                                                                                        MD5

                                                                                                                                        28489422cdf989d8310b9558d8921b05

                                                                                                                                        SHA1

                                                                                                                                        8c7288aaac0e8cd817e77c3c33f446d96613603b

                                                                                                                                        SHA256

                                                                                                                                        5555617161be34737b3a15af1bb9ab6d9b76afe2650a7888c61ac42a5dda4fac

                                                                                                                                        SHA512

                                                                                                                                        4bcf78c3c0f0a90109eea6f616007acf7e47629780ef5337aa68eb25745cfd6aff9e36c32be08466aef78f14d7fd99ab9eaae3e2d69a1fdd995a24f39872ac31

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                        Filesize

                                                                                                                                        49KB

                                                                                                                                        MD5

                                                                                                                                        e22472052d579e1457d97c964a0003e1

                                                                                                                                        SHA1

                                                                                                                                        6cb4709985f2730b98b5340001187deb267045b7

                                                                                                                                        SHA256

                                                                                                                                        53b5ccfc2b121fbf333eb66b3e5080078794605185cf7a114672d65a41ffc0a7

                                                                                                                                        SHA512

                                                                                                                                        81211903924e2150b579a57a1adff798b7fc6791cb106d4811decbd2fd4cd4191c7d2e88dd250d7b74d148d7f580fd5a2d53150b856275f64c250a740bd69ef5

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                        Filesize

                                                                                                                                        40KB

                                                                                                                                        MD5

                                                                                                                                        36f96a1c96d237f0d2a3422d0c34ff57

                                                                                                                                        SHA1

                                                                                                                                        0af6488bcee0235d086544a7405579f4dc720c33

                                                                                                                                        SHA256

                                                                                                                                        e1fb6508d2fd1761ea1005b3428bee5d3a3fef21fa56ee42540232fa97bd51cd

                                                                                                                                        SHA512

                                                                                                                                        d69eb7c3ba210861daea6bbb31462ca1926c6bbc9b195d504e90a9248f9097e19ce879bcca9bd869385826d150c75b6f5e811dbd324ac911701c5a46ae5303df

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
                                                                                                                                        Filesize

                                                                                                                                        2KB

                                                                                                                                        MD5

                                                                                                                                        aa04ea4f5a27b577f585879edd9c642d

                                                                                                                                        SHA1

                                                                                                                                        4ddf5d428dab1b93bc1f700917a9f00315eab522

                                                                                                                                        SHA256

                                                                                                                                        eabcec094e10ba511a0a6fa1c5121ec5ead9bea46c92295397fc2d649b4bba51

                                                                                                                                        SHA512

                                                                                                                                        947d3bdb27debe2ca7d10943e75577fb797afca3015499938ebbb71ea0dc6856819f1aaf0fc5343b6c5a8b5d43001e0c1fd4fb31927ada7b40916fc0b11dfb51

                                                                                                                                        Download Submit

                                                                                                                                      • C:\Users\Admin\Downloads\file.exe.crdownload
                                                                                                                                        Filesize

                                                                                                                                        556KB

                                                                                                                                        MD5

                                                                                                                                        d510396277a666720627f5df62bd53eb

                                                                                                                                        SHA1

                                                                                                                                        7acf176af54493aac227097b01a38242c069c28b

                                                                                                                                        SHA256

                                                                                                                                        d28bc1b8975df8985c266826dc2111d6c50989fce391f72327171df965231166

                                                                                                                                        SHA512

                                                                                                                                        e459a1212969aecd935bcf1182ad887b7cc5319ebf1b489ae9bc3a18e2855994de46ab7ff8a7d6f968ff844b8beac243bd3b4b2fd6a572bfc1ad0a689c960154

                                                                                                                                        Download Submit

                                                                                                                                      • memory/1204-319-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/1204-321-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/1204-320-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/1204-291-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/1204-290-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/1204-318-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/1204-221-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/1204-316-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/1204-285-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/1204-283-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/1204-282-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/1420-423-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/1420-402-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/1420-470-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/1420-409-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/1420-239-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/1420-421-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/1420-408-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/1420-410-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/1420-413-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/1420-405-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/1420-416-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/1420-420-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/2888-288-0x0000021DB5C60000-0x0000021DB5C61000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        4KB

                                                                                                                                        Download

                                                                                                                                      • memory/2888-296-0x0000021DB5C60000-0x0000021DB5C61000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        4KB

                                                                                                                                        Download

                                                                                                                                      • memory/2888-297-0x0000021DB5C60000-0x0000021DB5C61000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        4KB

                                                                                                                                        Download

                                                                                                                                      • memory/2888-299-0x0000021DB5C60000-0x0000021DB5C61000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        4KB

                                                                                                                                        Download

                                                                                                                                      • memory/2888-300-0x0000021DB5C60000-0x0000021DB5C61000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        4KB

                                                                                                                                        Download

                                                                                                                                      • memory/2888-301-0x0000021DB5C60000-0x0000021DB5C61000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        4KB

                                                                                                                                        Download

                                                                                                                                      • memory/2888-302-0x0000021DB5C60000-0x0000021DB5C61000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        4KB

                                                                                                                                        Download

                                                                                                                                      • memory/2888-287-0x0000021DB5C60000-0x0000021DB5C61000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        4KB

                                                                                                                                        Download

                                                                                                                                      • memory/2888-289-0x0000021DB5C60000-0x0000021DB5C61000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        4KB

                                                                                                                                        Download

                                                                                                                                      • memory/2888-298-0x0000021DB5C60000-0x0000021DB5C61000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        4KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-249-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-407-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-411-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-412-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-406-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-414-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-415-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-404-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-403-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-365-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-422-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-254-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-443-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-462-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-463-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-464-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-466-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-246-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-471-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-472-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-245-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-244-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-243-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-242-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-241-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-240-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-237-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-219-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download

                                                                                                                                      • memory/4864-217-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                        Filesize

                                                                                                                                        164KB

                                                                                                                                        Download