Analysis Overview
Threat Level: Likely benign
The file https://teamcuratedtechnology.com/68383-414165/182302?uid=ZtBzSSVfJwYS4Z8t7mVBfmogJLy9&prom_type=regular&prom_id=323656&pld=26L81sNgpwNGg5 was found to be: Likely benign.
Malicious Activity Summary
Drops file in Program Files directory
Browser Information Discovery
Modifies registry class
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Modifies data under HKEY_USERS
Suspicious use of WriteProcessMemory
Checks processor information in registry
Enumerates system info in registry
MITRE ATT&CK
Enterprise Matrix V16
Analysis: static1
Detonation Overview
Reported
2025-07-03 05:25
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-07-03 05:25
Reported
2025-07-03 05:26
Platform
win10v2004-20250610-en
Max time kernel
53s
Max time network
41s
Command Line
Signatures
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\ru\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\km\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\kk\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\en_US\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\tr\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\fr\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\fi\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\te\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\sr\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\service_worker_bin_prod.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\sl\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\af\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\hy\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\be\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\zu\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\fa\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\ko\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\is\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\ro\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\fil\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\hu\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\am\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\my\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\lt\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\pt_PT\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\en\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\offscreendocument_main.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\th\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\hi\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\uk\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\mr\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\en_CA\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\ca\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\gl\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\cy\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_metadata\verified_contents.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\msedge_url_fetcher_2052_1798062948\GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_93_1_0.crx | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\vi\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\kn\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\ur\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\pl\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\iw\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\nl\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\el\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\128.png | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\offscreendocument.html | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\hr\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\de\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\ne\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\az\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\cs\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\lo\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\eu\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\ta\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\id\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\pt_BR\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\es\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\en_GB\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\pa\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\ka\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\sv\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\page_embed_script.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping2052_359729229\_locales\ml\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Browser Information Discovery
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133959939654320248" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3001560346-2020497773-4190896137-1000\{EFD8B31C-80ED-4BB3-B440-8E13F479E7AB} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://teamcuratedtechnology.com/68383-414165/182302?uid=ZtBzSSVfJwYS4Z8t7mVBfmogJLy9&prom_type=regular&prom_id=323656&pld=26L81sNgpwNGg5
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2c4,0x2ec,0x7ffea055f208,0x7ffea055f214,0x7ffea055f220
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1840,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=2220 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2168,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=2164 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2460,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=2476 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3428,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=3520 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3436,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=3524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5152,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=5100 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --always-read-main-dll --field-trial-handle=5128,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=5160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4804,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=5144 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5472,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=5656 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5480,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=5664 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6276,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=6272 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6272,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=6464 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6272,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=6464 /prefetch:8
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6364,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=3652 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6536,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=3640 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --always-read-main-dll --field-trial-handle=6556,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=6640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --always-read-main-dll --field-trial-handle=4296,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=6624 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --extension-process --renderer-sub-type=extension --init-isolate-as-foreground --pdf-shared-library --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --always-read-main-dll --field-trial-handle=6840,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=6884 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --renderer-sub-type=pdf-renderer --pdf-renderer --pdf-shared-library --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags="--ms-user-locale= --jitless" --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --always-read-main-dll --field-trial-handle=5352,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=5288 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6460,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=6792 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6784,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=5344 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6760,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=6316 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | teamcuratedtechnology.com | udp |
| US | 8.8.8.8:53 | teamcuratedtechnology.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 150.171.27.11:80 | edge.microsoft.com | tcp |
| US | 3.216.46.129:443 | teamcuratedtechnology.com | tcp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| US | 3.216.46.129:443 | teamcuratedtechnology.com | tcp |
| US | 8.8.8.8:53 | copilot.microsoft.com | udp |
| US | 8.8.8.8:53 | copilot.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| GB | 2.16.153.209:443 | copilot.microsoft.com | tcp |
| US | 13.107.246.64:443 | api.edgeoffer.microsoft.com | tcp |
| US | 3.216.46.129:443 | teamcuratedtechnology.com | tcp |
| US | 3.216.46.129:443 | teamcuratedtechnology.com | tcp |
| US | 3.216.46.129:443 | teamcuratedtechnology.com | tcp |
| US | 3.216.46.129:443 | teamcuratedtechnology.com | tcp |
| US | 3.216.46.129:443 | teamcuratedtechnology.com | tcp |
| US | 8.8.8.8:53 | unpkg.com | udp |
| US | 8.8.8.8:53 | unpkg.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | www.tradepub.com | udp |
| US | 8.8.8.8:53 | www.tradepub.com | udp |
| US | 8.8.8.8:53 | img.tradepub.com | udp |
| US | 8.8.8.8:53 | img.tradepub.com | udp |
| US | 104.18.1.22:443 | unpkg.com | udp |
| US | 104.18.1.22:443 | unpkg.com | tcp |
| US | 209.133.56.117:443 | www.tradepub.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 205.234.175.175:443 | img.tradepub.com | tcp |
| US | 205.234.175.175:443 | img.tradepub.com | tcp |
| US | 8.8.8.8:53 | cts.tradepub.com | udp |
| US | 8.8.8.8:53 | cts.tradepub.com | udp |
| US | 209.133.56.108:443 | cts.tradepub.com | tcp |
| US | 209.133.56.108:443 | cts.tradepub.com | tcp |
| US | 3.216.46.129:443 | teamcuratedtechnology.com | tcp |
| US | 205.234.175.175:443 | img.tradepub.com | tcp |
| US | 3.216.46.129:443 | teamcuratedtechnology.com | tcp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| GB | 142.251.29.94:443 | update.googleapis.com | tcp |
| GB | 2.16.153.224:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | clients2.googleusercontent.com | udp |
| US | 8.8.8.8:53 | clients2.googleusercontent.com | udp |
| GB | 142.251.30.132:443 | clients2.googleusercontent.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| US | 13.107.246.64:443 | edgeassetservice.azureedge.net | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 2.16.153.224:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | edge-consumer-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-consumer-static.azureedge.net | udp |
| US | 13.107.246.64:443 | edge-consumer-static.azureedge.net | tcp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0dc2957035dfdcabc62ed62d0ed558a4 |
| SHA1 | f674d29f9400bf113484aeda478c806098fb39bc |
| SHA256 | 7e602c96e5532e2f86500aa5d2c37d1ff2fa91fa21326526019d6cde6232aced |
| SHA512 | a7e2dedc7dbf11bd888f75a0e5ab1fb9f7e9fd6e7c82b403d0b1952d70df9f937c5d7773159de5beb8bc3970cea1c6455f4063c1674d09d9f2e83640f13de5e6 |
\??\pipe\crashpad_2052_SAQNNUZEKSSVOTEB
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 2294f3d9a64baef128a25b87589d389f |
| SHA1 | 424e387efc6a6a15e78b75f6993c1c2b3075b1df |
| SHA256 | 36f7957c705b6991cf14d92a054f5f029666152a4064d59cb0ff3d928b29281a |
| SHA512 | bb23f81a610122ced958c119f398ccb753bc760084b92484f78a9459cc4d055ac6268aecaa350bc311fddbc08be89103ff36ebfa92e240e383ee2f155e899858 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000077
| MD5 | 61e0d7efea45541ea38ac6578943241e |
| SHA1 | 8b1d21954cd0dd072959cf4144d2b44d23510229 |
| SHA256 | 04d3beb8e8c983c6aee61a918bdbec979fb6280b91ffd85113fffff8337d8cb5 |
| SHA512 | fd706ef8ec131eefd21e6651b7f92e5119c5b65cc658983a8558f44a2cd90c843d31a88df610b2b5cc08c78cfd85eca4c94325ebf37e413847777aee96898bf3 |
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
| MD5 | 001ba6de16b18bda670f875f0f3d14bf |
| SHA1 | a980c986492df57ca3cda8f22bf0b18ac34ec1e5 |
| SHA256 | 3854f5f110edbb70b19b890a16f8c42ef0c4e791fe8c25b6906a69ee03903fad |
| SHA512 | b7c541d0ce2116b28244f8d4045ef8c387c25e85d40c832bbe8d355e8af0c6217e46a1b9e0792867204bfc4639e11bbd45193b026c5d08a3038966a5bebc32b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps
| MD5 | 06d55006c2dec078a94558b85ae01aef |
| SHA1 | 6a9b33e794b38153f67d433b30ac2a7cf66761e6 |
| SHA256 | 088bb586f79dd99c5311d14e1560bbe0bb56225a1b4432727d2183341c762bcd |
| SHA512 | ec190652af9c213ccbb823e69c21d769c64e3b9bae27bea97503c352163bf70f93c67cebbf327bfc73bfd632c9a3ae57283b6e4019af04750fe18a2410a68e60 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log
| MD5 | 7cd443e449bea97574bfcf99db4806c7 |
| SHA1 | cc9ba3d6eb3279062a58efcaa101d52034b5b755 |
| SHA256 | 3730543181a5fcf203b8778ef3c59f01e0d7c822ec60455a153b14362a2154bd |
| SHA512 | ef80361bc0ba3ad153ef1d567c96386556ad54a4376092ac41002aff6aecf0510303fd5799320cfeaf48a96e12b96a199ac47712298b35ff6627fd6df03bd4b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 05fb36b91c5c40babad36df1ff31652d |
| SHA1 | d6a9d23d0b5e81fe5352c3ee1140d8d15c94b389 |
| SHA256 | fb72b525cdbedce1362523d301555a71c2afb76b09de2bc6e06ff9b227d68574 |
| SHA512 | f99d101fb1659b508353cd72197af3fdb5b880ab8ea648da2ef086309815d8eae024fc06f522192c67ce2556c06fca044782ce9b955b87cb467ca9cf268a43b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\extensions_crx_cache\ghbmnnjooekpmoecnnnilnnbdlolhkhi_1.0a6b11a5b642bf6c1938189707e109a1f48eb02018cfb146f09e74a753567d1b
| MD5 | b384b2c8acf11d0ca778ea05a710bc01 |
| SHA1 | 4d3e01b65ed401b19e9d05e2218eeb01a0a65972 |
| SHA256 | 0a6b11a5b642bf6c1938189707e109a1f48eb02018cfb146f09e74a753567d1b |
| SHA512 | 272dd92a3efbf6cefe4b13127e09a9bd6455f5fc4913e7477c6712e4c3fd67efe87bd0d5bf1ec6b1e65f8d3aa0ac99d5bcf88d8a44d3f3116527253a01dde3be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c98295e659d5a09a7efb6ef9bc22c3f3 |
| SHA1 | 8c854e0177c62b29236e8a044f403f66f5d49d4b |
| SHA256 | bfbfa18d71f327c974628c5bf26188ff4b82236aa6da224f621ccbf6bb5254d1 |
| SHA512 | c7d7e727aae19386f24b97149898cabd3ce6696c73312de97a40c359c34be984f6218e2bab014973791023ec9622a98a9015aed73ed1b42c7644418fb69d478d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
| MD5 | 20d4b8fa017a12a108c87f540836e250 |
| SHA1 | 1ac617fac131262b6d3ce1f52f5907e31d5f6f00 |
| SHA256 | 6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d |
| SHA512 | 507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | dd50a63c20d453c13ab9e03ed77f3fc2 |
| SHA1 | 434ab92f9d30d6f16ed5a8d46a407bab6675b06a |
| SHA256 | f772e507169fba83118b62f4bf795ac9dbc5612a299bfaacd5bae1ba2461f3d9 |
| SHA512 | 2f58f80b2fdbf869d4d012fe8f42d120b4b55e97c294a348b339ff6549775a3c0bfa81091850b60b70fea44b231396fda0fb1418b371567ef11a0ac93bdda2ff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | da87149b4016cb749434757cca0dd038 |
| SHA1 | 5ced1938760f85e35e8a4d5307bbb6aa0ec459a2 |
| SHA256 | 84ac189f6eb1eee9d2b2f07f09510aa2a757c9a046c45859eed9bef1bade2e44 |
| SHA512 | 550b8d4a88103d79935d5255336674725390b36fdfb3cb6439ab78f06ce1ed2d96613598d85898378fa15e29d9a6fbac36daaca97123a0c2b4d2c313043f9bd3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f799a4fb3e95644839b8cbb2b2ec9306 |
| SHA1 | 95e9c4cecf6bceca648b2c24f9a35f058b818ae6 |
| SHA256 | cdb50b1ddd491ab49cccb711b6392d8ac2584e2aa595ab9cd703a8ef973bd87e |
| SHA512 | 417f7d88e92871452aaee59ffe80f3a7b98810e6e39d3a67b5837ec39f953fa5f4adb8dcf4a20eb346c54d60983b2b56f7fb3aa641078fa95314aa49507cbd7a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe5810a5.TMP
| MD5 | 71088794648ba69864605c04bd5c01bb |
| SHA1 | 6fd207aa0cbbe50a357ad97ad685b4706ba7c6c3 |
| SHA256 | a328f1dccfedf7d07b6a1f4012145db2999dad551908f24ed2a167ea9809a029 |
| SHA512 | 5b39d30977652bbb23a4b49137d97327f24bbfc0e1f16d6014bbafa64e54e6bd610420183d5207da32f0d61a81d9db4a76480ffe8a2968751100993e2ca97a69 |