Analysis

  • geolocation tags

    eueuropelondonukunited-kingdom
  • max time kernel
    873s
  • max time network
    885s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250619-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250619-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04/07/2025, 17:29

General

  • Target

    http://malwarebytes

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://malwarebytes
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Checks processor information in registry
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Modifies registry class
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of WriteProcessMemory
    PID:2748
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2c4,0x2d8,0x7ffc6353f208,0x7ffc6353f214,0x7ffc6353f220
      2⤵
        PID:556
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2328,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=2172 /prefetch:2
        2⤵
          PID:824
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=2376,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=2368 /prefetch:3
          2⤵
            PID:1960
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2308,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=2952 /prefetch:8
            2⤵
              PID:1364
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3472,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=3512 /prefetch:1
              2⤵
                PID:452
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3480,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=3516 /prefetch:1
                2⤵
                  PID:756
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=4156,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=4164 /prefetch:1
                  2⤵
                    PID:1712
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --extension-process --renderer-sub-type=extension --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --always-read-main-dll --field-trial-handle=4208,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=4180 /prefetch:2
                    2⤵
                      PID:4588
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5016,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=5172 /prefetch:8
                      2⤵
                        PID:3280
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5332,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=5128 /prefetch:8
                        2⤵
                          PID:448
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5352,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=5384 /prefetch:8
                          2⤵
                            PID:1460
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5428,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=5072 /prefetch:8
                            2⤵
                              PID:220
                            • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5704,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=5900 /prefetch:8
                              2⤵
                                PID:4724
                              • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5704,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=5900 /prefetch:8
                                2⤵
                                  PID:4324
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6024,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=6020 /prefetch:8
                                  2⤵
                                    PID:508
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6200,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=6012 /prefetch:8
                                    2⤵
                                      PID:1252
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --always-read-main-dll --field-trial-handle=6360,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=6376 /prefetch:1
                                      2⤵
                                        PID:4416
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3588,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=3600 /prefetch:8
                                        2⤵
                                          PID:1916
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6348,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=3748 /prefetch:8
                                          2⤵
                                            PID:4596
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6684,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=6336 /prefetch:8
                                            2⤵
                                              PID:3584
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6716,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=4388 /prefetch:8
                                              2⤵
                                                PID:5012
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6708,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=6872 /prefetch:8
                                                2⤵
                                                  PID:4452
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6884,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=6896 /prefetch:8
                                                  2⤵
                                                    PID:756
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --always-read-main-dll --field-trial-handle=6560,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=6344 /prefetch:1
                                                    2⤵
                                                      PID:4780
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --always-read-main-dll --field-trial-handle=6868,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=3484 /prefetch:1
                                                      2⤵
                                                        PID:3080
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=704,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=7108 /prefetch:8
                                                        2⤵
                                                          PID:4728
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3632,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=4200 /prefetch:8
                                                          2⤵
                                                            PID:1812
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4256,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=4188 /prefetch:8
                                                            2⤵
                                                              PID:5216
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --always-read-main-dll --field-trial-handle=2088,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=5168 /prefetch:1
                                                              2⤵
                                                                PID:2520
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3440,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=6460 /prefetch:8
                                                                2⤵
                                                                  PID:508
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6852,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=5412 /prefetch:8
                                                                  2⤵
                                                                    PID:2412
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3784,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=6080 /prefetch:8
                                                                    2⤵
                                                                      PID:4744
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6336,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=7008 /prefetch:8
                                                                      2⤵
                                                                        PID:6100
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --always-read-main-dll --field-trial-handle=3428,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=5264 /prefetch:1
                                                                        2⤵
                                                                          PID:5732
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5204,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=5476 /prefetch:8
                                                                          2⤵
                                                                            PID:1384
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2620,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=6980 /prefetch:8
                                                                            2⤵
                                                                            • Suspicious behavior: EnumeratesProcesses
                                                                            PID:4812
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5628,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=3416 /prefetch:8
                                                                            2⤵
                                                                              PID:1252
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6992,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=5224 /prefetch:8
                                                                              2⤵
                                                                                PID:2928
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=2092,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=5488 /prefetch:8
                                                                                2⤵
                                                                                  PID:5520
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6356,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=2600 /prefetch:8
                                                                                  2⤵
                                                                                    PID:5988
                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5504,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=6804 /prefetch:8
                                                                                    2⤵
                                                                                      PID:3960
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7004,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=2728 /prefetch:8
                                                                                      2⤵
                                                                                        PID:3664
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6740,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=3956 /prefetch:8
                                                                                        2⤵
                                                                                          PID:5860
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5488,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=5532 /prefetch:8
                                                                                          2⤵
                                                                                            PID:5384
                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=2728,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=6280 /prefetch:8
                                                                                            2⤵
                                                                                              PID:5092
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --always-read-main-dll --field-trial-handle=5240,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=6268 /prefetch:1
                                                                                              2⤵
                                                                                                PID:6012
                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6832,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=6660 /prefetch:8
                                                                                                2⤵
                                                                                                  PID:4364
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5136,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=3400 /prefetch:8
                                                                                                  2⤵
                                                                                                    PID:5388
                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6856,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=5304 /prefetch:8
                                                                                                    2⤵
                                                                                                      PID:4324
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3484,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=3308 /prefetch:8
                                                                                                      2⤵
                                                                                                        PID:5368
                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5824,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=5508 /prefetch:8
                                                                                                        2⤵
                                                                                                          PID:4012
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6104,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=5820 /prefetch:8
                                                                                                          2⤵
                                                                                                            PID:6044
                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3312,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=6676 /prefetch:8
                                                                                                            2⤵
                                                                                                              PID:3032
                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3524,i,12255870388743836315,10217812382371812121,262144 --variations-seed-version --mojo-platform-channel-handle=6876 /prefetch:8
                                                                                                              2⤵
                                                                                                                PID:2280
                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
                                                                                                              1⤵
                                                                                                                PID:4508

                                                                                                              Network

                                                                                                                    MITRE ATT&CK Enterprise v16

                                                                                                                    Replay Monitor

                                                                                                                    Loading Replay Monitor...

                                                                                                                    Downloads

                                                                                                                    • C:\Program Files\chrome_Unpacker_BeginUnzipping2748_1269963770\manifest.json

                                                                                                                      Filesize

                                                                                                                      69B

                                                                                                                      MD5

                                                                                                                      b721bdf2924d658186ac8868dbd2c008

                                                                                                                      SHA1

                                                                                                                      914aacc65bb7933bd73aa06f8bd2ca0b04de3858

                                                                                                                      SHA256

                                                                                                                      dc6a19395ad3a24ee3805f6e90c6b16fdc141a51ac7fbb99fb784e423f8962f3

                                                                                                                      SHA512

                                                                                                                      4c1c16f714a2e2436697bc801f7e2f684010c833e3d5fe6ed68d6f3e630afa495412ea5a1b46f4bbbb1102feede84e72f32686910492510cbce71888a85b5fda

                                                                                                                    • C:\Program Files\chrome_Unpacker_BeginUnzipping2748_1300695322\manifest.json

                                                                                                                      Filesize

                                                                                                                      141B

                                                                                                                      MD5

                                                                                                                      811f0436837c701dc1cea3d6292b3922

                                                                                                                      SHA1

                                                                                                                      4e51a3e9f5cbf8c9c96985dabe8ffc2de28dae87

                                                                                                                      SHA256

                                                                                                                      dbfb38a16e33a39c35ac50bd81782e4608be14954f1df69ac8272c0b9ce87a5d

                                                                                                                      SHA512

                                                                                                                      21e7bf2f8333b2900bcbcb871ede14684073249597d105095dc7d3f101e7ccc326068732f11d4a167365f245a3f2205793f520c7666d7f948e70919b40b43d35

                                                                                                                    • C:\Program Files\chrome_Unpacker_BeginUnzipping2748_142104429\LICENSE

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      ee002cb9e51bb8dfa89640a406a1090a

                                                                                                                      SHA1

                                                                                                                      49ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2

                                                                                                                      SHA256

                                                                                                                      3dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b

                                                                                                                      SHA512

                                                                                                                      d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c

                                                                                                                    • C:\Program Files\chrome_Unpacker_BeginUnzipping2748_142104429\manifest.json

                                                                                                                      Filesize

                                                                                                                      79B

                                                                                                                      MD5

                                                                                                                      89217e000f3145a2523e43f947208e79

                                                                                                                      SHA1

                                                                                                                      cd7915d003ee87f2babc9ee9add12841022710ac

                                                                                                                      SHA256

                                                                                                                      6722a860c855cf94a54fd1ffdd3801c4c949f5b67d8601ad300264931057f2bb

                                                                                                                      SHA512

                                                                                                                      385257ef9c67d80006eb350ac79718f30e08d810a1568454806f2505b482e0093f784d0d4cd24078317f863db500898343ce69391c0ae7fc767697f6da38eeaf

                                                                                                                    • C:\Program Files\chrome_Unpacker_BeginUnzipping2748_1475076640\manifest.json

                                                                                                                      Filesize

                                                                                                                      43B

                                                                                                                      MD5

                                                                                                                      af3a9104ca46f35bb5f6123d89c25966

                                                                                                                      SHA1

                                                                                                                      1ffb1b0aa9f44bdbc57bdf4b98d26d3be0207ee8

                                                                                                                      SHA256

                                                                                                                      81bd82ac27612a58be30a72dd8956b13f883e32ffb54a58076bd6a42b8afaeea

                                                                                                                      SHA512

                                                                                                                      6a7a543fa2d1ead3574b4897d2fc714bb218c60a04a70a7e92ecfd2ea59d67028f91b6a2094313f606560087336c619093f1d38d66a3c63a1d1d235ca03d36d1

                                                                                                                    • C:\Program Files\chrome_Unpacker_BeginUnzipping2748_1588645368\manifest.json

                                                                                                                      Filesize

                                                                                                                      135B

                                                                                                                      MD5

                                                                                                                      4055ba4ebd5546fb6306d6a3151a236a

                                                                                                                      SHA1

                                                                                                                      609a989f14f8ee9ed9bffbd6ddba3214fd0d0109

                                                                                                                      SHA256

                                                                                                                      cb929ae2d466e597ecc4f588ba22faf68f7cfc204b3986819c85ac608d6f82b5

                                                                                                                      SHA512

                                                                                                                      58d39f7ae0dafd067c6dba34c686506c1718112ad5af8a255eb9a7d6ec0edca318b557565f5914c5140eb9d1b6e2ffbb08c9d596f43e7a79fdb4ef95457bf29a

                                                                                                                    • C:\Program Files\chrome_Unpacker_BeginUnzipping2748_1841941547\manifest.json

                                                                                                                      Filesize

                                                                                                                      160B

                                                                                                                      MD5

                                                                                                                      a24a1941bbb8d90784f5ef76712002f5

                                                                                                                      SHA1

                                                                                                                      5c2b6323c7ed8913b5d0d65a4d21062c96df24eb

                                                                                                                      SHA256

                                                                                                                      2a7fe18a087d8e8be847d9569420b6e8907917ff6ca0fa42be15d4e3653c8747

                                                                                                                      SHA512

                                                                                                                      fd7dfec3d46b2af0bddb5aaeae79467507e0c29bab814007a39ea61231e76123659f18a453ed3feb25f16652a0c63c33545e2a0d419fafea89f563fca6a07ce2

                                                                                                                    • C:\Program Files\chrome_Unpacker_BeginUnzipping2748_1906224085\manifest.json

                                                                                                                      Filesize

                                                                                                                      117B

                                                                                                                      MD5

                                                                                                                      0abdce2e93f6542edfc9dfbcfb61ce89

                                                                                                                      SHA1

                                                                                                                      08067386e18ea1d48d916ecae2d2583a5f6df6ce

                                                                                                                      SHA256

                                                                                                                      d912b0ee06353fc36393d1c187a22d37d467e14ddb389a930ff7317b6760531c

                                                                                                                      SHA512

                                                                                                                      ec60d26c4b1c1e437c5c88fd9efc504843551a51d3c1b036a5b518cbaccec6e86fddca534b96d490872c6fd53a874f765367d3784473b948f112a51addc9f730

                                                                                                                    • C:\Program Files\chrome_Unpacker_BeginUnzipping2748_2090256682\manifest.json

                                                                                                                      Filesize

                                                                                                                      84B

                                                                                                                      MD5

                                                                                                                      e0909520982fc48e47a6451443b11741

                                                                                                                      SHA1

                                                                                                                      0e46425274933c153ebf5a03f25e693267a8cea2

                                                                                                                      SHA256

                                                                                                                      2e9e6138305d702f3c9b89d6e9dc4931b548c69bb86db64e585fa2e37b8ef654

                                                                                                                      SHA512

                                                                                                                      3fdf504cb0bf39a807fa15a8ec31a6efd8083888692935ec31d70b4ef6eef89b8527c6a75a46bf7ae3efeeaa507ac3c7cccda5246a2f073ac603a7ffa10d20a8

                                                                                                                    • C:\Program Files\chrome_Unpacker_BeginUnzipping2748_287549654\manifest.json

                                                                                                                      Filesize

                                                                                                                      134B

                                                                                                                      MD5

                                                                                                                      049c307f30407da557545d34db8ced16

                                                                                                                      SHA1

                                                                                                                      f10b86ebfe8d30d0dc36210939ca7fa7a819d494

                                                                                                                      SHA256

                                                                                                                      c36944790c4a1fa2f2acec5f7809a4d6689ecb7fb3b2f19c831c9adb4e17fc54

                                                                                                                      SHA512

                                                                                                                      14f04e768956bdd9634f6a172104f2b630e2eeada2f73b9a249be2ec707f4a47ff60f2f700005ca95addd838db9438ad560e5136a10ed32df1d304d65f445780

                                                                                                                    • C:\Program Files\chrome_Unpacker_BeginUnzipping2748_43306389\manifest.json

                                                                                                                      Filesize

                                                                                                                      76B

                                                                                                                      MD5

                                                                                                                      ba25fcf816a017558d3434583e9746b8

                                                                                                                      SHA1

                                                                                                                      be05c87f7adf6b21273a4e94b3592618b6a4a624

                                                                                                                      SHA256

                                                                                                                      0d664bc422a696452111b9a48e7da9043c03786c8d5401282cff9d77bcc34b11

                                                                                                                      SHA512

                                                                                                                      3763bd77675221e323faa5502023dc677c08911a673db038e4108a2d4d71b1a6c0727a65128898bb5dfab275e399f4b7ed19ca2194a8a286e8f9171b3536546f

                                                                                                                    • C:\Program Files\chrome_Unpacker_BeginUnzipping2748_555418456\manifest.json

                                                                                                                      Filesize

                                                                                                                      53B

                                                                                                                      MD5

                                                                                                                      b4d869dd7052d78d29b3e439565f1600

                                                                                                                      SHA1

                                                                                                                      caa2cfa31729f4348a02514eba0235e72b88ce5a

                                                                                                                      SHA256

                                                                                                                      0f8ee89c4a420bda691d058cdd96c874c2edeec84145c81c957e98d05e351d3c

                                                                                                                      SHA512

                                                                                                                      1fda3488df8c43ad413b2e69a5e2292322fe837f7b27b88302b4e591e7e13fdceacb0af9b8bb92ca7c0d2b39abffc776c6cc35d18abb86ce91f55c719b43480e

                                                                                                                    • C:\Program Files\chrome_Unpacker_BeginUnzipping2748_594449378\manifest.json

                                                                                                                      Filesize

                                                                                                                      119B

                                                                                                                      MD5

                                                                                                                      390af74c5ae643320cad0cef4fa8fee1

                                                                                                                      SHA1

                                                                                                                      22ce727f9bcff9a914eb1d58ba8384de6fbda7e1

                                                                                                                      SHA256

                                                                                                                      1148c28e540b9b96237b35170a547a13165d6c7c039b8fff9e4b2cd774b92f5a

                                                                                                                      SHA512

                                                                                                                      deaeeeffdddea1a9047e97d82e3bb701fb865adcd77ef9e985bb0ec5e4057155e7b83cad4f9f3dd256edf89f19d1075349cea5005dffff8420da4d0646be413a

                                                                                                                    • C:\Program Files\chrome_Unpacker_BeginUnzipping2748_601936245\manifest.json

                                                                                                                      Filesize

                                                                                                                      102B

                                                                                                                      MD5

                                                                                                                      b0e549dcc425951a670808d628ab5181

                                                                                                                      SHA1

                                                                                                                      63c37e4fd9193836f0100cee2bf76585787ae94b

                                                                                                                      SHA256

                                                                                                                      b2c8ee75956c3bb7ea6865137c441b916badfb99c922c17785875e784c96e29a

                                                                                                                      SHA512

                                                                                                                      d6dc7c7ddd5ad8ca06a831faa6bd399c8af77e0b21cfd039c608f366fb54b8d4553fc8f947a070544f472966190cf1ca5a236d1084be824b06684b6c6e8de0dc

                                                                                                                    • C:\Program Files\chrome_Unpacker_BeginUnzipping2748_771950032\manifest.json

                                                                                                                      Filesize

                                                                                                                      114B

                                                                                                                      MD5

                                                                                                                      e6cd92ad3b3ab9cb3d325f3c4b7559aa

                                                                                                                      SHA1

                                                                                                                      0704d57b52cf55674524a5278ed4f7ba1e19ca0c

                                                                                                                      SHA256

                                                                                                                      63dfb8d99ce83b3ca282eb697dc76b17b4a48e4065fc7efafb77724739074a9d

                                                                                                                      SHA512

                                                                                                                      172d5dc107757bb591b9a8ed7f2b48f22b5184d6537572d375801113e294febfbe39077c408e3a04c44e6072427cbe443c6614d205a5a4aa290101722e18f5e8

                                                                                                                    • C:\Program Files\chrome_Unpacker_BeginUnzipping2748_922506108\manifest.json

                                                                                                                      Filesize

                                                                                                                      176B

                                                                                                                      MD5

                                                                                                                      8177721150435a9b333475e2b8a6e691

                                                                                                                      SHA1

                                                                                                                      8aa8981617e8f3d8967a0a4a2d20315317eba293

                                                                                                                      SHA256

                                                                                                                      8a4800ed5f63b9371a024c501ee2b031af94539e32e6753214e6d99c625c018c

                                                                                                                      SHA512

                                                                                                                      540c4c52030c6a4e1efcfab5eb59760c696bb3e3f1b8f93c97a6368639a911ba3d395190fc0798d99f3c63e25b6dcf2ded482bbda34d36ddd874dd20c2cfdf74

                                                                                                                    • C:\Program Files\chrome_Unpacker_BeginUnzipping2748_924701253\manifest.json

                                                                                                                      Filesize

                                                                                                                      238B

                                                                                                                      MD5

                                                                                                                      15b69964f6f79654cbf54953aad0513f

                                                                                                                      SHA1

                                                                                                                      013fb9737790b034195cdeddaa620049484c53a7

                                                                                                                      SHA256

                                                                                                                      1bdda4a8fc3e2b965fbb52c9b23a9a34871bc345abfb332a87ea878f4472efbd

                                                                                                                      SHA512

                                                                                                                      7eeee58e06bba59b1ef874436035202416079617b7953593abf6d9af42a55088ab37f45fdee394166344f0186c0cb7092f55ed201c213737bb5d5318e9f47908

                                                                                                                    • C:\Program Files\chrome_Unpacker_BeginUnzipping2748_956244015\manifest.json

                                                                                                                      Filesize

                                                                                                                      72B

                                                                                                                      MD5

                                                                                                                      a30b19bb414d78fff00fc7855d6ed5fd

                                                                                                                      SHA1

                                                                                                                      2a6408f2829e964c578751bf29ec4f702412c11e

                                                                                                                      SHA256

                                                                                                                      9811cd3e1fbf80feb6a52ad2141fc1096165a100c2d5846dd48f9ed612c6fc9f

                                                                                                                      SHA512

                                                                                                                      66b6db60e9e6f3059d1a47db14f05d35587aa2019bc06e6cf352dfbb237d9dfe6dce7cb21c9127320a7fdca5b9d3eb21e799abe6a926ae51b5f62cf646c30490

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\AutoLaunchProtocolsComponent\1.0.0.9\protocols.json

                                                                                                                      Filesize

                                                                                                                      3KB

                                                                                                                      MD5

                                                                                                                      f9fd82b572ef4ce41a3d1075acc52d22

                                                                                                                      SHA1

                                                                                                                      fdded5eef95391be440cc15f84ded0480c0141e3

                                                                                                                      SHA256

                                                                                                                      5f21978e992a53ebd9c138cb5391c481def7769e3525c586a8a94f276b3cd8d6

                                                                                                                      SHA512

                                                                                                                      17084cc74462310a608355fbeafa8b51f295fb5fd067dfc641e752e69b1ee4ffba0e9eafa263aab67daab780b9b6be370dd3b54dd4ba8426ab499e50ff5c7339

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.1.24\autofill_bypass_cache_forms.json

                                                                                                                      Filesize

                                                                                                                      146B

                                                                                                                      MD5

                                                                                                                      9357a694006d8bec3d0f8c9607b76ff8

                                                                                                                      SHA1

                                                                                                                      6335ce691999ec10de742cd07d074eb648631259

                                                                                                                      SHA256

                                                                                                                      b6c37df977f149c5a444c72ea4469ce666c7975d34c6e2e0d9d8ec416f57dd44

                                                                                                                      SHA512

                                                                                                                      87c2d0192f3a78b13a691cda14da507f260d13331b792eb973869bd6dbd0f207faa48f68882be691641b46c06ed12ee8b9728a3b596df67a1f9a4831b4369a44

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.1.24\edge_autofill_global_block_list.json

                                                                                                                      Filesize

                                                                                                                      5KB

                                                                                                                      MD5

                                                                                                                      adb5f6058f82680a26d6ed02b44e5a21

                                                                                                                      SHA1

                                                                                                                      6197ee74e40c742e184357dcb6dfcc7e32818cae

                                                                                                                      SHA256

                                                                                                                      7655c9afb5f2ea39b18e302498b34009ca02b72451f82a6d4e7fb4d8d954f050

                                                                                                                      SHA512

                                                                                                                      742dd8f6eaf1bd5f24b37e90d7a3dce7bd0a8edf399c2dec25cd92d2bd6e1d663ebab3c68234812f0144061d4f22f0c2c43de890f60e24d93133bbfe23a6d1c5

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.1.24\v1FieldTypes.json

                                                                                                                      Filesize

                                                                                                                      509KB

                                                                                                                      MD5

                                                                                                                      c1a0d30e5eebef19db1b7e68fc79d2be

                                                                                                                      SHA1

                                                                                                                      de4ccb9e7ea5850363d0e7124c01da766425039c

                                                                                                                      SHA256

                                                                                                                      f3232a4e83ffc6ee2447aba5a49b8fd7ba13bcfd82fa09ae744c44996f7fcdd1

                                                                                                                      SHA512

                                                                                                                      f0eafae0260783ea3e85fe34cc0f145db7f402949a2ae809d37578e49baf767ad408bf2e79e2275d04891cd1977e8a018d6eeb5b95e839083f3722a960ccb57a

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\CertificateRevocation\6498.2024.12.2\crl-set

                                                                                                                      Filesize

                                                                                                                      21KB

                                                                                                                      MD5

                                                                                                                      846feb52bd6829102a780ec0da74ab04

                                                                                                                      SHA1

                                                                                                                      dd98409b49f0cd1f9d0028962d7276860579fb54

                                                                                                                      SHA256

                                                                                                                      124b7eeba31f0e3d9b842a62f3441204beb13fade81da38b854aecba0e03a5b4

                                                                                                                      SHA512

                                                                                                                      c8759e675506ccc6aa9807798252c7e7c48a0ab31674609738617dc105cee38bce69d4d41d6b95e16731466880b386d35483cbeea6275773f7041ba6e305fae9

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                      Filesize

                                                                                                                      280B

                                                                                                                      MD5

                                                                                                                      0fd4a0e92c8a1897aab600ab92275489

                                                                                                                      SHA1

                                                                                                                      857ac84f0fbcf53dd9eb0f49d34258ed0d559476

                                                                                                                      SHA256

                                                                                                                      d1235f9f2c9d3af7e9b1db3aa48a2ef252e0b763879024da51f12da3829a9251

                                                                                                                      SHA512

                                                                                                                      45954b0954e5b382af0dd8bf420511347e661efc6497eca474f54683066209d88cedd20031539cb7de15bc306e18e6aa6ef9892023a82a567b6d2633a039a831

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                      Filesize

                                                                                                                      280B

                                                                                                                      MD5

                                                                                                                      6481d4385cab00f18e19f815bea6fe7c

                                                                                                                      SHA1

                                                                                                                      b8df1e58539491f552cca0a2735bf1834ef6c3e8

                                                                                                                      SHA256

                                                                                                                      6c5841beb22d999d61f7b58e0197b1edc24649a0f7eb202e7b46173df29f009b

                                                                                                                      SHA512

                                                                                                                      71d09192d4400afaab1545854d61bbcbf994a9f3d764fa6e8c697b6eb974837e511cbd45fd69d43d713ee8960dd9b8d22759a1eecb664ba087e91807046a4fe6

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old

                                                                                                                      Filesize

                                                                                                                      536B

                                                                                                                      MD5

                                                                                                                      df3f1a6a3a91b2adc4e74b5c4ecdf7c5

                                                                                                                      SHA1

                                                                                                                      01592763950873e841c40268f4fc1890561137fa

                                                                                                                      SHA256

                                                                                                                      20ef8a6a2e5fb83f3325c24eb9d0e04709ef35f3ae7b4a825073339a8e2435de

                                                                                                                      SHA512

                                                                                                                      005e7623c1d878ed0982a4dfd9a59c386d9dab36e957f469798a462c6a7235913d451e15cfcd1f4f925451140cc83904c94aba439b7bf06606f1a76a89fd129c

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old

                                                                                                                      Filesize

                                                                                                                      763B

                                                                                                                      MD5

                                                                                                                      529908cf4a524377ee99f1b03fe49366

                                                                                                                      SHA1

                                                                                                                      e55d903ba7d3db6c5a738fa4d2fea8efdcfc6a40

                                                                                                                      SHA256

                                                                                                                      32e1c138188c2221a924d95c2920efd9e1bde0e26ac2d3f30680471c5ec9d257

                                                                                                                      SHA512

                                                                                                                      41b9eaa62b93e7a3049d15f8b84aa2ec4c20c81d07b75452557968821711e19d27dff8f3fa6ef838d16d0a1b87475ff1cd74e0ca2d2de76581c0251372efa2c4

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                      MD5

                                                                                                                      1085433923126ab5566215ac965462dc

                                                                                                                      SHA1

                                                                                                                      7d8419757e55778626bc909d7e1462e734b30c80

                                                                                                                      SHA256

                                                                                                                      66bd7ac61825fd2afc0772cf77212cd3c586adffff91f3013ceb8a3f9c35e52e

                                                                                                                      SHA512

                                                                                                                      612ad80616920cbb74681135095352bef51321fe81c277b0378519990d28bccf368f1521409b722d8de61a2e1db7045cc543fec3aeabef99bc6406c5ec18cecd

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe57e8d9.TMP

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                      MD5

                                                                                                                      ed1ebbf4f033b647fa0103333f9643e4

                                                                                                                      SHA1

                                                                                                                      3cf2076fb54dc919a2e6de769ab936ba583936e0

                                                                                                                      SHA256

                                                                                                                      bd66e0a32b2031ec6419b367dfab9164f43cb3b70de1e76199dd9d9077d85963

                                                                                                                      SHA512

                                                                                                                      9847eae89a8d1b51827d309b03d2c91ef16765a1624a85391c766e204e7bcb525557ec5e71d69c0e5d611de5aa58f49db751232cbc1e5841c05373b11b00561a

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

                                                                                                                      Filesize

                                                                                                                      2B

                                                                                                                      MD5

                                                                                                                      99914b932bd37a50b983c5e7c90ae93b

                                                                                                                      SHA1

                                                                                                                      bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

                                                                                                                      SHA256

                                                                                                                      44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

                                                                                                                      SHA512

                                                                                                                      27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico

                                                                                                                      Filesize

                                                                                                                      69KB

                                                                                                                      MD5

                                                                                                                      164a788f50529fc93a6077e50675c617

                                                                                                                      SHA1

                                                                                                                      c53f6cd0531fd98d6abbd2a9e5fbb4319b221f48

                                                                                                                      SHA256

                                                                                                                      b305e470fb9f8b69a8cd53b5a8ffb88538c9f6a9c7c2c194a226e8f6c9b53c17

                                                                                                                      SHA512

                                                                                                                      ec7d173b55283f3e59a468a0037921dc4e1bf3fab1c693330b9d8e5826273c917b374c4b802f3234bbb5e5e210d55e52351426867e0eb8c9f6fba1a053cb05d4

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\content.js

                                                                                                                      Filesize

                                                                                                                      9KB

                                                                                                                      MD5

                                                                                                                      3d20584f7f6c8eac79e17cca4207fb79

                                                                                                                      SHA1

                                                                                                                      3c16dcc27ae52431c8cdd92fbaab0341524d3092

                                                                                                                      SHA256

                                                                                                                      0d40a5153cb66b5bde64906ca3ae750494098f68ad0b4d091256939eea243643

                                                                                                                      SHA512

                                                                                                                      315d1b4cc2e70c72d7eb7d51e0f304f6e64ac13ae301fd2e46d585243a6c936b2ad35a0964745d291ae9b317c316a29760b9b9782c88cc6a68599db531f87d59

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps

                                                                                                                      Filesize

                                                                                                                      108KB

                                                                                                                      MD5

                                                                                                                      06d55006c2dec078a94558b85ae01aef

                                                                                                                      SHA1

                                                                                                                      6a9b33e794b38153f67d433b30ac2a7cf66761e6

                                                                                                                      SHA256

                                                                                                                      088bb586f79dd99c5311d14e1560bbe0bb56225a1b4432727d2183341c762bcd

                                                                                                                      SHA512

                                                                                                                      ec190652af9c213ccbb823e69c21d769c64e3b9bae27bea97503c352163bf70f93c67cebbf327bfc73bfd632c9a3ae57283b6e4019af04750fe18a2410a68e60

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      29d9a14babc8d183b559cae45fab2692

                                                                                                                      SHA1

                                                                                                                      170ed460934f7efc8ae587aceb4eb110c754ab3a

                                                                                                                      SHA256

                                                                                                                      0caa0dcaf709bdeefed65a72edaf985253e66ebf702eed230fe75007bc1d384f

                                                                                                                      SHA512

                                                                                                                      7e16760a9b2914001cbcaead2a7f4cc07348fb8f74fceed81d74e8d1c816cc3442fb58a587d94f705ba8134fb6da34c26d4f985bb3683e523367baab22814259

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

                                                                                                                      Filesize

                                                                                                                      111B

                                                                                                                      MD5

                                                                                                                      285252a2f6327d41eab203dc2f402c67

                                                                                                                      SHA1

                                                                                                                      acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

                                                                                                                      SHA256

                                                                                                                      5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

                                                                                                                      SHA512

                                                                                                                      11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      394fc1241331e47e78db217370fac83e

                                                                                                                      SHA1

                                                                                                                      b09e710d0e5a96d17836b4e3ae85bce162101d4e

                                                                                                                      SHA256

                                                                                                                      7917b252f67f0d35da1173460103a6030483836aad6908dd59cef860222aa773

                                                                                                                      SHA512

                                                                                                                      2c1dbed51cab154c3e788430f6ee9c337fad6084df5d8a2fb0451d26b9e377be92a06c4fd66e521a92582ad314d355217b4378fca2f486349651b8a0e33b0cc6

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      0396a9d14a2e5d8ca99b30925c1f4310

                                                                                                                      SHA1

                                                                                                                      126c1fc664a65fd95b9aa3397969292563afd058

                                                                                                                      SHA256

                                                                                                                      842728e8b96ee1ca2edf3fa4e78585e9742f5d385e71dd444e0bef0b7839852c

                                                                                                                      SHA512

                                                                                                                      e708b39a646fcc712bd09363d910bffe4065f54e8fe217038398a66ccd6546ea0876480ffef503122c06d67bca656ac32b58af4878d63a08087bccec341182f9

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      f01dbfd1b3b1eed5909eff5941d4e39a

                                                                                                                      SHA1

                                                                                                                      c30c78737eecbcb6b280b847e31cb544a34e6660

                                                                                                                      SHA256

                                                                                                                      283ca5dc0c638b07a6fb045f5fcd77a2df09040178d0c2bedaf5aeebfd7475a6

                                                                                                                      SHA512

                                                                                                                      4ce60607ab3d297abc8a1522e115d25c7cb8599020ce3ce2346db6c0f3afe382b20c9662b872b721daa49cf973e198ab8fc75a869a2dd4104ffc82b54d4cd29f

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      7138ba81920ce0a5a62a49b6d453c6f2

                                                                                                                      SHA1

                                                                                                                      68a5057d100523005d82fdd7c8f34a62a91cd58f

                                                                                                                      SHA256

                                                                                                                      fa8dffc715fe40feac071ccbe86073839659a31df377b3a5c698472b3102137c

                                                                                                                      SHA512

                                                                                                                      8a1156489b8dcf8cb9c70c1d80f32650b8833cde8be017ee34caa9cdd635cb3ac63b7c460d10b9b3c91f97f37a4dd44c40a153ade14a72bd96c402738b9572a5

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      b508d62ec65c6281e1f6123cddc11b5a

                                                                                                                      SHA1

                                                                                                                      c8cc162b27238b2cff93c78c592e6be3e75050c4

                                                                                                                      SHA256

                                                                                                                      64c583406f7748696ecc201175facc645eadc7e3b180f61ddd1092070efbedfd

                                                                                                                      SHA512

                                                                                                                      7d50b34095ca1f6f46f5bc3c2d8d1681ff3796a44d68cad38264053450ffd7cb27a5d365dfc7cffcac71242736067b4613d3cfa76dd01d45a8a58eea25507a51

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      77d94e989146ee969d99da6111e0372f

                                                                                                                      SHA1

                                                                                                                      e261469b2859b1a2c8236a34acce0a765d253d15

                                                                                                                      SHA256

                                                                                                                      8ac37a4f1c2acdb8e65095d5f89131804f4ca18a6f03c6f2faf510482e112b93

                                                                                                                      SHA512

                                                                                                                      658348950fbebce2a6c7b03e7792df046eab82331de47f43198b7c6272ddf53e2a127afe0957f19116f63a42d8a32d304ff7536f4f82bb452df56e3c45c7ef2b

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

                                                                                                                      Filesize

                                                                                                                      2B

                                                                                                                      MD5

                                                                                                                      d751713988987e9331980363e24189ce

                                                                                                                      SHA1

                                                                                                                      97d170e1550eee4afc0af065b78cda302a97674c

                                                                                                                      SHA256

                                                                                                                      4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                                                                                                      SHA512

                                                                                                                      b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      13KB

                                                                                                                      MD5

                                                                                                                      afd02d1dfd557dbf8030821c7746bf62

                                                                                                                      SHA1

                                                                                                                      28e11452360373deaf47d8ee76d2ba98e72c84d0

                                                                                                                      SHA256

                                                                                                                      81c78365d08d8e411fbf962bf702fd2d14027737d7ff36ee733192762b79d82a

                                                                                                                      SHA512

                                                                                                                      1c0bd4fea4640d7ccf945a2409b0f79652fa521dffc29443889fc60024e711afa83cd8c1c92710c72dfb68382cd0a7d8a873c6f8d0933b13e049b61df4597a74

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      14KB

                                                                                                                      MD5

                                                                                                                      f48744759f5bdac224d5f4a2b5599de4

                                                                                                                      SHA1

                                                                                                                      b311de62cd2cb259481a8b6902cd13a1f0c43364

                                                                                                                      SHA256

                                                                                                                      b8b58f08667222626b1c2db9c937414987019ae863d5314149cf11de55eed48a

                                                                                                                      SHA512

                                                                                                                      fb901615f31af600a67a92ccb87d9890842d8c7b2198e5b5b89634276825e1ae18a70a80c5531915f2caa48f1a60d46b5bc1022b1bfd9846c924466523e35bb2

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      14KB

                                                                                                                      MD5

                                                                                                                      ce0888f1a5b5dbcc2ad45fcdf70dde66

                                                                                                                      SHA1

                                                                                                                      caba41ba36ae5cd978fe08b5cc1c43f7c2d1040e

                                                                                                                      SHA256

                                                                                                                      ca3108ad22788c567d93fc9f8afa04f4aef8d4bacdb7cbecd4675bce671a6b59

                                                                                                                      SHA512

                                                                                                                      2121562e4afcd4b353e6ba15886e69d866687dd169e767e5228fa15058c8bfc349c480c6fd67cddcbcb597d719aa1b292d65df85cdc524810af625c7c5a2ab53

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

                                                                                                                      Filesize

                                                                                                                      36KB

                                                                                                                      MD5

                                                                                                                      3a7fb16a11ae274cde4eae1495545de7

                                                                                                                      SHA1

                                                                                                                      759163dfa8a1aa7a11ddab9aedc27ab608152e65

                                                                                                                      SHA256

                                                                                                                      3b5eab8990921b0aff88a90df0e29ff35b942e6fc60b9b0716b4ca2b48073552

                                                                                                                      SHA512

                                                                                                                      9439ab4312541a11b783b8e12653dfb2324f1c609708910b047ca172aca84b21d4becd8bd01938899a95e70e98d6aaa2bddc6c05594e4f115346e3850095b6d9

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

                                                                                                                      Filesize

                                                                                                                      4KB

                                                                                                                      MD5

                                                                                                                      8c5ba7b49bc6f450d2413fd6a9d62bea

                                                                                                                      SHA1

                                                                                                                      e3954088ce84a8bb241bf7ef79d5c96809646ddf

                                                                                                                      SHA256

                                                                                                                      f36f10b39f9660ca7901d21cbe9498b56320d794df4b3174f85b773ab0df5203

                                                                                                                      SHA512

                                                                                                                      fa21f85b32f60281bb76da23acb8ae06627f05a6fd77e135eb80ea098958f2a861b47b170fa1373721c1f0b17e93f5bd089bebc31dfc8ba43b3e3a5f7dc66947

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\EADPData Component\4.0.3.11\data.txt

                                                                                                                      Filesize

                                                                                                                      137KB

                                                                                                                      MD5

                                                                                                                      1bee2c36cebf096d8a559d5c4eeacff7

                                                                                                                      SHA1

                                                                                                                      c695eda67f31d729dfc336b8a471ad6346a39031

                                                                                                                      SHA256

                                                                                                                      5e4014e267eec120e673cfbc407e4340c234a7898319b35a304ed6ea343a7999

                                                                                                                      SHA512

                                                                                                                      ba520d383be95d8b15140b7e38e4e7ac03077bbbb8ee5326ac4162be9403bc9f0576e53840fc22cd9c4038f19f60bdeb7b4e8e0125da6ed80670238de812b4b5

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

                                                                                                                      Filesize

                                                                                                                      876B

                                                                                                                      MD5

                                                                                                                      1bffff303d402713ab09a7fd5cb4d188

                                                                                                                      SHA1

                                                                                                                      b47af05e9b65442710b297809c9391962d381cc0

                                                                                                                      SHA256

                                                                                                                      3d583e70bebb8bde6b1cfe93d516277374210ce58dca5ab246706d44aa84354e

                                                                                                                      SHA512

                                                                                                                      703900627deeafba4429c9e14cd316c18c3bc0be14df6fbf69d2a83d249dd68af71cfb3d0974557400dcb499ab0c57ade3170a387777f9aff8cebb9c220bdf33

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

                                                                                                                      Filesize

                                                                                                                      24KB

                                                                                                                      MD5

                                                                                                                      0e3580004efc9e812f2a0062ddb5e9c2

                                                                                                                      SHA1

                                                                                                                      a8a3016a9f6fbd04794730517c7b3fbff0a5664b

                                                                                                                      SHA256

                                                                                                                      e03da5a98dfbe43697cfabbe03130951fbd90fbe8292915c6a459a4f78c2aee3

                                                                                                                      SHA512

                                                                                                                      e70955e603e14d77ad577c0cd7169be720854d2d0b7d3f54f41b54af60527b7baabb3487093b01b6c1a2d743ee8ee2e49c49a2c2b3e21eb150688657c3d6613a

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog~RFe588410.TMP

                                                                                                                      Filesize

                                                                                                                      467B

                                                                                                                      MD5

                                                                                                                      5b418cad129162e90a053e14ba4cfed0

                                                                                                                      SHA1

                                                                                                                      a536420853b34af847e16bcdcf0811ab6726f759

                                                                                                                      SHA256

                                                                                                                      31e9b1e0a2749aa34bf8495c4d6f022d712c911b35beb731151cb6de9cc87768

                                                                                                                      SHA512

                                                                                                                      43334ea2421b1ddbb8f1d91cc10b70cfdac657b4e20e254ac5943313d713a4ad1a35b08ce4e288b7d4b0f3909e890348277ba70a073c151f1dc354cc2b77b7a7

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig

                                                                                                                      Filesize

                                                                                                                      22KB

                                                                                                                      MD5

                                                                                                                      f768bcb451a187c18099961c484eef8b

                                                                                                                      SHA1

                                                                                                                      99472c2d1918ea56c632734bc5c8a89ae6d2551c

                                                                                                                      SHA256

                                                                                                                      d988156066b7fd22de278fbc96759d2caea6552094ffeb2ddd9307806059c5e4

                                                                                                                      SHA512

                                                                                                                      a4d78de6bcc1e940c466c41c31ee100235b32fef4cb3e7815a9c62dfae1eb3e4588d2c9e8597152ad7754527643c59ea8b811277ac58e4134a3dbf1507fe97bf

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig~RFe58850a.TMP

                                                                                                                      Filesize

                                                                                                                      3KB

                                                                                                                      MD5

                                                                                                                      904e6e94a1d46374c8630cfd86cc729f

                                                                                                                      SHA1

                                                                                                                      e1d9c3f7813878acc6510d48d95b2bf48b2e1a0d

                                                                                                                      SHA256

                                                                                                                      8b2e057387e9714efef3580a36459acf56aab53c806cd7d7dbb6e17cef977ef9

                                                                                                                      SHA512

                                                                                                                      081e2a26252860ff8d8f7a9d0378ae56f0cc50574d13d2a121afdf74284963747ef874a4d73b1df7774cd8570972f4f513eefe0a0325fd088556d5b1ba946712

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Data Protection Lists\2.0.0.0\office_endpoints_list.json

                                                                                                                      Filesize

                                                                                                                      3KB

                                                                                                                      MD5

                                                                                                                      94406cdd51b55c0f006cfea05745effb

                                                                                                                      SHA1

                                                                                                                      a15dc50ca0fd54d6f54fbc6e0788f6dcfc876cc9

                                                                                                                      SHA256

                                                                                                                      8480f3d58faa017896ba8239f3395e3551325d7a6466497a9a69bf182647b25e

                                                                                                                      SHA512

                                                                                                                      d4e621f57454fea7049cffc9cc3adfb0d8016360912e6a580f6fe16677e7dd7aa2ee0671cb3c5092a9435708a817f497c3b2cc7aba237d32dbdaae82f10591c3

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      28KB

                                                                                                                      MD5

                                                                                                                      fa844789cc52571aca0dfd2441b45697

                                                                                                                      SHA1

                                                                                                                      141c27e1589feb6a97d9726e17bfa90c4ab81625

                                                                                                                      SHA256

                                                                                                                      06f9f6f74970605c8b8b9d983f82b8ec6638431adfe86324a58795b9c3166ea0

                                                                                                                      SHA512

                                                                                                                      53a54cb855a12dcefaca16760e24a7a3c2b8f907f6b906ad43af3580fb7e17d593f79399cbc6542c6c632b840f33f5dcf090ab269d159057c86d6900e2c5eb9f

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      7KB

                                                                                                                      MD5

                                                                                                                      fbeb3acf31862638732a625199aac9c6

                                                                                                                      SHA1

                                                                                                                      1774daa444f8a3c6bf2a03aece284bf09d530515

                                                                                                                      SHA256

                                                                                                                      4216ac18594f51610fb8470e3d7fc5dbaf05ddaa02eec4d5a15c40390aae47e7

                                                                                                                      SHA512

                                                                                                                      3a32addfa49268be5ab693af92f50b8625a9fc4ab1af4b2043c51691946f93d644ac9646e075aae0c9c3c43e9eb320cc04f67917fe419a0dd89c521d05a339b9

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      7KB

                                                                                                                      MD5

                                                                                                                      fd90687074e6959cda9c630483b0cdec

                                                                                                                      SHA1

                                                                                                                      c409d10113e87b44448ae1dc04446279b8371249

                                                                                                                      SHA256

                                                                                                                      99a713741f229683242761adb72430d065879c1e59717cb33372f599b18baf4f

                                                                                                                      SHA512

                                                                                                                      db619f87ec23bc0d297cd8d8df628fe0a62806c1e56f00a3ece4ba9b5b42bf319f1928e0cdfdcee1ab67a6d4425441cb60a2664dacd83779808a95a3d66ac525

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      32KB

                                                                                                                      MD5

                                                                                                                      977042f68ef8b42e8ed5517360aab988

                                                                                                                      SHA1

                                                                                                                      36696f01bb777ccaa07fd5cae2a16a3ab3b18cc0

                                                                                                                      SHA256

                                                                                                                      e20990ec035cd2a984ac55ea4a6b3a78ddf8d8d9cdfab76223e38e0328a6a8b4

                                                                                                                      SHA512

                                                                                                                      722ef0b9dd66969acbbcdbc3f60e96b9bdac2d13cef2afc05a1204cf3364dee184448fe5a4ed3d35a242585e7787a8b031bf44549d38fe9bb5b28a2b9e77b021

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\PKIMetadata\24.0.0.0\crs.pb

                                                                                                                      Filesize

                                                                                                                      291KB

                                                                                                                      MD5

                                                                                                                      916f38644626b7201f29c01bc659525b

                                                                                                                      SHA1

                                                                                                                      c259bfd1ccbf1347b6a0bac43e7aead100ca7092

                                                                                                                      SHA256

                                                                                                                      8ba4acc8582041e5caa5dc4c73ade421b52a8b018e70f12b7a1437f74c6a955e

                                                                                                                      SHA512

                                                                                                                      33539525ec8bf13ee832365994dd6b3bc2162ef64e032baa1ab6e45d701125d08009504c254e85b763b69abd93f10366a4b44e5e62f7705c988c089aea447d19

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\PKIMetadata\24.0.0.0\ct_config.pb

                                                                                                                      Filesize

                                                                                                                      11KB

                                                                                                                      MD5

                                                                                                                      4fdf7c8ca48768f459c97b25fdd10d9b

                                                                                                                      SHA1

                                                                                                                      d1f0ac34a53294875dd7bc03dfbdf5c7ae65a4d0

                                                                                                                      SHA256

                                                                                                                      6a350094ab9a19b758f6660a58afdecc44e83b3ce8c3521fe3b831d5945a3911

                                                                                                                      SHA512

                                                                                                                      7322c942946b83ed8cf8875613f72ab5fa5fcb4ca1671bba22bd02404546f8ce099b2941cb0897b3209aecb85b6ac2f1b98f2d11678e5304b55ae3974192042d

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\PKIMetadata\24.0.0.0\kp_pinslist.pb

                                                                                                                      Filesize

                                                                                                                      11KB

                                                                                                                      MD5

                                                                                                                      563bdb2192acf2c106832f696df5d84c

                                                                                                                      SHA1

                                                                                                                      898eee38d08e09254c39dd0d1707c98f95cb2fa6

                                                                                                                      SHA256

                                                                                                                      2efcd280779456d767025a4f2915012cb9b11af2b8e199d3f32152232bf09460

                                                                                                                      SHA512

                                                                                                                      550e3dbaa0a5d74763465318b6f14035e16e1d70602ca36a5636d159875b527fae51f0c7f81e380797b4871283dbddb964017e7a16857228a621284d7aef00f5

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SafetyTips\3057\safety_tips.pb

                                                                                                                      Filesize

                                                                                                                      163KB

                                                                                                                      MD5

                                                                                                                      bd6846ffa7f4cf897b5323e4a5dcd551

                                                                                                                      SHA1

                                                                                                                      a6596cdc8de199492791faa39ce6096cf39295cd

                                                                                                                      SHA256

                                                                                                                      854b7eb22303ec3c920966732bc29f58140a82e1101dffe2702252af0f185666

                                                                                                                      SHA512

                                                                                                                      aa19b278f7211ffaf16b14b59d509ce6b80708e2bb5af87d98848747de4cba13b6626135dd3ec7aabd51b4c2cfb46ed96800a520d2dae8af8105054b6cd40e0b

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SafetyTips\3057\typosquatting_list.pb

                                                                                                                      Filesize

                                                                                                                      3KB

                                                                                                                      MD5

                                                                                                                      17c10dbe88d84b9309e6d151923ce116

                                                                                                                      SHA1

                                                                                                                      9ad2553c061ddcc07e6f66ce4f9e30290c056bdf

                                                                                                                      SHA256

                                                                                                                      3ad368c74c9bb5da4d4750866f16d361b0675a6b6dc4e06e2edd72488663450e

                                                                                                                      SHA512

                                                                                                                      ad8ed3797941c9cad21ae2af03b77ce06a23931d9c059fe880935e2b07c08f85fc628e39873fb352c07714b4e44328799b264f4adb3513975add4e6b67e4a63c

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\TrustTokenKeyCommitments\2025.5.15.1\keys.json

                                                                                                                      Filesize

                                                                                                                      7KB

                                                                                                                      MD5

                                                                                                                      03f15dff10ac451682f8a308674ddf77

                                                                                                                      SHA1

                                                                                                                      c723e23c49bed8a52b8f947b2cb8879a110fc94b

                                                                                                                      SHA256

                                                                                                                      f967e18d5b1839ba801212f032e7e6dd92f7ba6958bc3ae9b122d9fadf2b1bf4

                                                                                                                      SHA512

                                                                                                                      df8fdc89cc1e6f2edce49b41bd9f71dc7f7a8daab40f1355415119f9c0a0d5067337d966472ad49f855ecb9a89bee8d1711d8a869589a03e469530ee8d7e0f3e

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Typosquatting\2025.7.2.1\typosquatting_list.pb

                                                                                                                      Filesize

                                                                                                                      678KB

                                                                                                                      MD5

                                                                                                                      8aeeb5c136b1deeeee3677f4b93e2575

                                                                                                                      SHA1

                                                                                                                      c716557d8d504577e2d22bb710e94663b91c80f3

                                                                                                                      SHA256

                                                                                                                      b8d2c9ee5824a35ef1bcc746200cc710bad4951d4ee16be4acb8a8f503bd4856

                                                                                                                      SHA512

                                                                                                                      a5b927c20ade622589e09a7443e7fef2ae2b445b22aa773c4bd05c248d48f0bd0e7e2f3595441bd40957c08f29d660f27b7238030c51303d338738e2b1c51b17

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Well Known Domains\1.2.0.0\well_known_domains.dll

                                                                                                                      Filesize

                                                                                                                      572KB

                                                                                                                      MD5

                                                                                                                      f5f5b37fd514776f455864502c852773

                                                                                                                      SHA1

                                                                                                                      8d5ed434173fd77feb33cb6cb0fad5e2388d97c6

                                                                                                                      SHA256

                                                                                                                      2778063e5ded354d852004e80492edb3a0f731b838bb27ba3a233bc937592f6e

                                                                                                                      SHA512

                                                                                                                      b0931f1cae171190e6ec8880f4d560cc7b3d5bffe1db11525bd133eaf51e2e0b3c920ea194d6c7577f95e7b4b4380f7845c82eb2898ad1f5c35d4550f93a14b6

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                      MD5

                                                                                                                      7e1817ec665781abf77beacde0e77d55

                                                                                                                      SHA1

                                                                                                                      5138098b88c425f6e84f09d2d4c75a2f047b96d4

                                                                                                                      SHA256

                                                                                                                      d69a1bea0f8e9608d74f10331a528890a38ece80118128250ff05852292ff6e4

                                                                                                                      SHA512

                                                                                                                      0eb8b923ce3e03c52ce8cccd0d90e4599067ad4263378252ce73a57787f784b86d91ba6ff47089db8b9f1adcd44d8a55fa3493785409953414bbe47ac8abe807

                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\22609c48-1ef0-43ae-8cc2-1646902f512c.tmp

                                                                                                                      Filesize

                                                                                                                      1B

                                                                                                                      MD5

                                                                                                                      5058f1af8388633f609cadb75a75dc9d

                                                                                                                      SHA1

                                                                                                                      3a52ce780950d4d969792a2559cd519d7ee8c727

                                                                                                                      SHA256

                                                                                                                      cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

                                                                                                                      SHA512

                                                                                                                      0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\fea9267a-d157-460b-b763-62d45ed1b2dd.tmp

                                                                                                                      Filesize

                                                                                                                      10KB

                                                                                                                      MD5

                                                                                                                      78e47dda17341bed7be45dccfd89ac87

                                                                                                                      SHA1

                                                                                                                      1afde30e46997452d11e4a2adbbf35cce7a1404f

                                                                                                                      SHA256

                                                                                                                      67d161098be68cd24febc0c7b48f515f199dda72f20ae3bbb97fcf2542bb0550

                                                                                                                      SHA512

                                                                                                                      9574a66d3756540479dc955c4057144283e09cae11ce11ebce801053bb48e536e67dc823b91895a9e3ee8d3cb27c065d5e9030c39a26cbf3f201348385b418a5

                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\scoped_dir2748_576759634\e661539d-b91a-4ec6-854a-f3bbf518bb63.tmp

                                                                                                                      Filesize

                                                                                                                      156KB

                                                                                                                      MD5

                                                                                                                      b384b2c8acf11d0ca778ea05a710bc01

                                                                                                                      SHA1

                                                                                                                      4d3e01b65ed401b19e9d05e2218eeb01a0a65972

                                                                                                                      SHA256

                                                                                                                      0a6b11a5b642bf6c1938189707e109a1f48eb02018cfb146f09e74a753567d1b

                                                                                                                      SHA512

                                                                                                                      272dd92a3efbf6cefe4b13127e09a9bd6455f5fc4913e7477c6712e4c3fd67efe87bd0d5bf1ec6b1e65f8d3aa0ac99d5bcf88d8a44d3f3116527253a01dde3be