Resubmissions

08/05/2025, 07:57

250508-js811azsfs 4

08/05/2025, 07:46

250508-jmc2dazsbz 10

08/05/2025, 07:41

250508-jh4crs1rv4 8

Analysis

  • max time kernel
    147s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250502-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20250502-en locale:en-us os:windows10-2004-x64 system
  • submitted
    08/05/2025, 07:41

General

  • Target

    https://maconsmallbusinesses.com/wp-content/uploads/2018/08/

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file 1 IoCs
  • Drops file in Program Files directory 8 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Checks processor information in registry 2 TTPs 4 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 6 IoCs
  • Modifies data under HKEY_USERS 3 IoCs
  • Modifies registry class 64 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://maconsmallbusinesses.com/wp-content/uploads/2018/08/
    1⤵
    • Drops file in Program Files directory
    • Checks processor information in registry
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Modifies registry class
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of WriteProcessMemory
    PID:1528
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2c4,0x2ec,0x7ffa25bef208,0x7ffa25bef214,0x7ffa25bef220
      2⤵
        PID:4448
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1388,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=2272 /prefetch:3
        2⤵
        • Downloads MZ/PE file
        PID:4844
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2072,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=2064 /prefetch:2
        2⤵
          PID:856
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=1808,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=2672 /prefetch:8
          2⤵
            PID:1596
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3520,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=3580 /prefetch:1
            2⤵
              PID:1656
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3528,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=3588 /prefetch:1
              2⤵
                PID:4244
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=4180,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=4244 /prefetch:1
                2⤵
                  PID:1824
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --extension-process --renderer-sub-type=extension --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --always-read-main-dll --field-trial-handle=4252,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=4304 /prefetch:2
                  2⤵
                    PID:212
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3700,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=3688 /prefetch:8
                    2⤵
                      PID:408
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5084,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=5300 /prefetch:8
                      2⤵
                        PID:3364
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5144,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=5376 /prefetch:8
                        2⤵
                          PID:8
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3512,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=3712 /prefetch:8
                          2⤵
                            PID:5128
                          • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5884,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=5920 /prefetch:8
                            2⤵
                              PID:5252
                            • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5884,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=5920 /prefetch:8
                              2⤵
                                PID:5296
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6080,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6088 /prefetch:8
                                2⤵
                                  PID:5684
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6100,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6108 /prefetch:8
                                  2⤵
                                    PID:5872
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6264,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6268 /prefetch:8
                                    2⤵
                                      PID:6020
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6428,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6436 /prefetch:8
                                      2⤵
                                        PID:6032
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6600,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6192 /prefetch:8
                                        2⤵
                                          PID:6068
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6748,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6760 /prefetch:8
                                          2⤵
                                            PID:6108
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6912,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6604 /prefetch:8
                                            2⤵
                                              PID:5248
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6744,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=7052 /prefetch:8
                                              2⤵
                                                PID:3876
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6180,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=5964 /prefetch:8
                                                2⤵
                                                  PID:6016
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6256,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6924 /prefetch:8
                                                  2⤵
                                                  • Modifies registry class
                                                  • Suspicious use of SetWindowsHookEx
                                                  PID:5884
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --always-read-main-dll --field-trial-handle=6920,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=4248 /prefetch:1
                                                  2⤵
                                                    PID:5744
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6712,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6532 /prefetch:8
                                                    2⤵
                                                      PID:5800
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6764,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6276 /prefetch:8
                                                      2⤵
                                                        PID:5804
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6936,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6848 /prefetch:8
                                                        2⤵
                                                          PID:6020
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6864,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6828 /prefetch:8
                                                          2⤵
                                                            PID:3684
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=704,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=4284 /prefetch:8
                                                            2⤵
                                                            • Modifies registry class
                                                            • Suspicious use of SetWindowsHookEx
                                                            PID:5616
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --always-read-main-dll --field-trial-handle=6084,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6816 /prefetch:1
                                                            2⤵
                                                              PID:5532
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5424,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=5516 /prefetch:8
                                                              2⤵
                                                                PID:5488
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7008,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=3716 /prefetch:8
                                                                2⤵
                                                                • Modifies registry class
                                                                • Suspicious use of SetWindowsHookEx
                                                                PID:5304
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --always-read-main-dll --field-trial-handle=5516,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=4340 /prefetch:1
                                                                2⤵
                                                                  PID:5476
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6964,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=5208 /prefetch:8
                                                                  2⤵
                                                                    PID:996
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4232,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6816 /prefetch:8
                                                                    2⤵
                                                                    • Modifies registry class
                                                                    • Suspicious use of SetWindowsHookEx
                                                                    PID:2936
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --always-read-main-dll --field-trial-handle=6768,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6240 /prefetch:1
                                                                    2⤵
                                                                      PID:8
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6860,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6732 /prefetch:8
                                                                      2⤵
                                                                        PID:4456
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6288,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6460 /prefetch:8
                                                                        2⤵
                                                                          PID:5128
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4388,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=4376 /prefetch:8
                                                                          2⤵
                                                                          • Modifies registry class
                                                                          • Suspicious use of SetWindowsHookEx
                                                                          PID:3076
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --always-read-main-dll --field-trial-handle=2740,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6952 /prefetch:1
                                                                          2⤵
                                                                            PID:5856
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6300,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6944 /prefetch:8
                                                                            2⤵
                                                                              PID:5752
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5256,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=5276 /prefetch:8
                                                                              2⤵
                                                                                PID:5908
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5812,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6096 /prefetch:8
                                                                                2⤵
                                                                                • Modifies registry class
                                                                                • Suspicious use of SetWindowsHookEx
                                                                                PID:3864
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --always-read-main-dll --field-trial-handle=5820,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6076 /prefetch:1
                                                                                2⤵
                                                                                  PID:5324
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5460,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=5272 /prefetch:8
                                                                                  2⤵
                                                                                    PID:5984
                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6968,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6952 /prefetch:8
                                                                                    2⤵
                                                                                    • Modifies registry class
                                                                                    • Suspicious use of SetWindowsHookEx
                                                                                    PID:1944
                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6196,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=6884 /prefetch:8
                                                                                    2⤵
                                                                                      PID:5328
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --always-read-main-dll --field-trial-handle=6944,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=5264 /prefetch:1
                                                                                      2⤵
                                                                                        PID:6040
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5412,i,11517459100378419740,16462896520009776181,262144 --variations-seed-version --mojo-platform-channel-handle=4244 /prefetch:8
                                                                                        2⤵
                                                                                          PID:5232
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
                                                                                          2⤵
                                                                                          • Drops file in Program Files directory
                                                                                          • Checks processor information in registry
                                                                                          • Enumerates system info in registry
                                                                                          • Modifies data under HKEY_USERS
                                                                                          • Suspicious behavior: EnumeratesProcesses
                                                                                          PID:3788
                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x23c,0x240,0x244,0x238,0x268,0x7ffa25bef208,0x7ffa25bef214,0x7ffa25bef220
                                                                                            3⤵
                                                                                              PID:5540
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1852,i,9093997190507733188,4900416005990496487,262144 --variations-seed-version --mojo-platform-channel-handle=2200 /prefetch:3
                                                                                              3⤵
                                                                                                PID:4424
                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2172,i,9093997190507733188,4900416005990496487,262144 --variations-seed-version --mojo-platform-channel-handle=2168 /prefetch:2
                                                                                                3⤵
                                                                                                  PID:5712
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=1956,i,9093997190507733188,4900416005990496487,262144 --variations-seed-version --mojo-platform-channel-handle=2500 /prefetch:8
                                                                                                  3⤵
                                                                                                    PID:5476
                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4116,i,9093997190507733188,4900416005990496487,262144 --variations-seed-version --mojo-platform-channel-handle=4244 /prefetch:8
                                                                                                    3⤵
                                                                                                      PID:4196
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4116,i,9093997190507733188,4900416005990496487,262144 --variations-seed-version --mojo-platform-channel-handle=4244 /prefetch:8
                                                                                                      3⤵
                                                                                                        PID:2944
                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4576,i,9093997190507733188,4900416005990496487,262144 --variations-seed-version --mojo-platform-channel-handle=4584 /prefetch:8
                                                                                                        3⤵
                                                                                                          PID:3280
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4672,i,9093997190507733188,4900416005990496487,262144 --variations-seed-version --mojo-platform-channel-handle=4692 /prefetch:8
                                                                                                          3⤵
                                                                                                            PID:408
                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4660,i,9093997190507733188,4900416005990496487,262144 --variations-seed-version --mojo-platform-channel-handle=4712 /prefetch:8
                                                                                                            3⤵
                                                                                                              PID:3300
                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4648,i,9093997190507733188,4900416005990496487,262144 --variations-seed-version --mojo-platform-channel-handle=4752 /prefetch:8
                                                                                                              3⤵
                                                                                                                PID:5372
                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4628,i,9093997190507733188,4900416005990496487,262144 --variations-seed-version --mojo-platform-channel-handle=4740 /prefetch:8
                                                                                                                3⤵
                                                                                                                  PID:4368
                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4988,i,9093997190507733188,4900416005990496487,262144 --variations-seed-version --mojo-platform-channel-handle=4820 /prefetch:8
                                                                                                                  3⤵
                                                                                                                    PID:1488
                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
                                                                                                                1⤵
                                                                                                                  PID:544
                                                                                                                • C:\Windows\system32\cmd.exe
                                                                                                                  C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
                                                                                                                  1⤵
                                                                                                                    PID:5476
                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
                                                                                                                      2⤵
                                                                                                                        PID:5580
                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --string-annotations --field-trial-handle=5632,i,6139730600478074474,11892363901222880479,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=5624 /prefetch:8
                                                                                                                      1⤵
                                                                                                                        PID:6088
                                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --string-annotations --field-trial-handle=5420,i,6139730600478074474,11892363901222880479,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=5416 /prefetch:8
                                                                                                                        1⤵
                                                                                                                          PID:5600
                                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --string-annotations --field-trial-handle=5388,i,6139730600478074474,11892363901222880479,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=5668 /prefetch:8
                                                                                                                          1⤵
                                                                                                                            PID:5568
                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
                                                                                                                            1⤵
                                                                                                                              PID:4980
                                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1696,i,6139730600478074474,11892363901222880479,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=4924 /prefetch:8
                                                                                                                              1⤵
                                                                                                                              • Suspicious behavior: EnumeratesProcesses
                                                                                                                              PID:3264

                                                                                                                            Network

                                                                                                                                  MITRE ATT&CK Enterprise v16


                                                                                                                                  Downloads

                                                                                                                                  • C:\Program Files\chrome_Unpacker_BeginUnzipping1528_840894555\manifest.json

                                                                                                                                    Filesize

                                                                                                                                    43B


                                                                                                                                  • C:\Program Files\chrome_Unpacker_BeginUnzipping3788_2029369418\manifest.fingerprint

                                                                                                                                    Filesize

                                                                                                                                    66B


                                                                                                                                  • C:\Program Files\chrome_Unpacker_BeginUnzipping3788_2029369418\manifest.json

                                                                                                                                    Filesize

                                                                                                                                    134B


                                                                                                                                  • C:\Program Files\chrome_Unpacker_BeginUnzipping3788_546023397\manifest.json

                                                                                                                                    Filesize

                                                                                                                                    160B


                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist

                                                                                                                                    Filesize

                                                                                                                                    105KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\AutoLaunchProtocolsComponent\1.0.0.9\protocols.json

                                                                                                                                    Filesize

                                                                                                                                    3KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                    Filesize

                                                                                                                                    280B

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                    Filesize

                                                                                                                                    280B

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_0

                                                                                                                                    Filesize

                                                                                                                                    44KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_1

                                                                                                                                    Filesize

                                                                                                                                    264KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_2

                                                                                                                                    Filesize

                                                                                                                                    1.0MB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_3

                                                                                                                                    Filesize

                                                                                                                                    8.0MB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                                    Filesize

                                                                                                                                    3KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe5838be.TMP

                                                                                                                                    Filesize

                                                                                                                                    3KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DawnGraphiteCache\data_1

                                                                                                                                    Filesize

                                                                                                                                    264KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

                                                                                                                                    Filesize

                                                                                                                                    2B

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico

                                                                                                                                    Filesize

                                                                                                                                    69KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_1\content.js

                                                                                                                                    Filesize

                                                                                                                                    9KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps

                                                                                                                                    Filesize

                                                                                                                                    108KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\3d24122e-a8eb-46ec-b2cc-06911ff11c31.tmp

                                                                                                                                    Filesize

                                                                                                                                    40B

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies

                                                                                                                                    Filesize

                                                                                                                                    20KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

                                                                                                                                    Filesize

                                                                                                                                    1KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

                                                                                                                                    Filesize

                                                                                                                                    1KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

                                                                                                                                    Filesize

                                                                                                                                    111B

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

                                                                                                                                    Filesize

                                                                                                                                    2B

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                    Filesize

                                                                                                                                    13KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                    Filesize

                                                                                                                                    15KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                    Filesize

                                                                                                                                    14KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

                                                                                                                                    Filesize

                                                                                                                                    36KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

                                                                                                                                    Filesize

                                                                                                                                    323B

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

                                                                                                                                    Filesize

                                                                                                                                    4KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\76c4a44c-27ee-4e66-96c9-e91548e34cd4.tmp

                                                                                                                                    Filesize

                                                                                                                                    23KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

                                                                                                                                    Filesize

                                                                                                                                    460B

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

                                                                                                                                    Filesize

                                                                                                                                    872B

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog~RFe58d443.TMP

                                                                                                                                    Filesize

                                                                                                                                    465B

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig

                                                                                                                                    Filesize

                                                                                                                                    22KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig~RFe58d54c.TMP

                                                                                                                                    Filesize

                                                                                                                                    3KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

                                                                                                                                    Filesize

                                                                                                                                    13B

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                                    Filesize

                                                                                                                                    11KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                                    Filesize

                                                                                                                                    26KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                                    Filesize

                                                                                                                                    6KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                                    Filesize

                                                                                                                                    11KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                                    Filesize

                                                                                                                                    11KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                                    Filesize

                                                                                                                                    20KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                                    Filesize

                                                                                                                                    11KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                                    Filesize

                                                                                                                                    7KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                                    Filesize

                                                                                                                                    11KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                                    Filesize

                                                                                                                                    26KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                                    Filesize

                                                                                                                                    11KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                                    Filesize

                                                                                                                                    22KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1

                                                                                                                                    Filesize

                                                                                                                                    264KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Variations

                                                                                                                                    Filesize

                                                                                                                                    86B

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\WorkspacesNavigationComponent\1.0.0.5\nav_config.json

                                                                                                                                    Filesize

                                                                                                                                    2KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                                                                                                    Filesize

                                                                                                                                    2KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\1dd0de07-5133-4d33-9aaf-e5ff4084d01e.tmp

                                                                                                                                    Filesize

                                                                                                                                    10KB

                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\7c2221f9-9839-4479-ad2b-66ad5547e97f.tmp

                                                                                                                                    Filesize

                                                                                                                                    1B

  • C:\Users\Admin\AppData\Local\Temp\scoped_dir1528_2042766116\a89fb308-c1b3-45df-ad96-fc7e89371df5.tmp

    Filesize: 153KB
