URL: | https://urldefense.proofpoint.com/v2/url?u=https-3A__url.us.m.mimecastprotect.com_r_djvuL7mYUbLSjWrnnlMRak7HYIVt7LW7QsholS5SlvrqYU17B4sptqDUK2SgHv7jDfwvov53gTs6-2DiDuRNFhCxW0-2DTYMmpUXVVLl083BaG1jmRayCo3p7vcoOj8e-2DlMPCOKBKICagIlYUWaL3g-2DCypx5I-5FgTCVbP0qj6BfQhfawg1TNMvuucXQzheEm0sMCiOTPqpw-2D-5FDgysY8geDQVcWTroqaFafxY9omu3A0pNIFv62I71hgPcBvFZA6ipGNGsuaWIIBpGfcaDPaQ2K-2DPJ9yWWSajFssru-2DrGh0dUe3qhYvbFnToxVtVjUJ8ZDtmhOKaKjlMa06RrW0BWfPKH10XWe1gmj8kEJxJXgzBC7W5afT-2D5-2DKWvvXYWt9HXvkJONTgTspEAvrSVr-2DxPesX6CaOWopCxl55BGJZOskVLVYBTQ4scuczogFZjNf8IuHe9zjxhQoshIScZA1eiuh0VotFMXT7smCFdJAEXePmi3Wu74TUA7VAwtJ503UilFutTD3OZOXrXAKlsO8Wz0AbpyM0Zphp0qsCDu0WSzrZqF3eVgjBIPHOcE680jm0lBVwJXHOEYDyyUuyDhGTk-5F-5FKhs5k3MjBE8Yogi0N2CoyEYHITF33ckjg5FdKAmX2I6F7WgFed8Bwy2gThf2fKufSLevxAibFs9-2DcYsTLFVVfgvmLqtfBe6HbNm-5FVrdLhKFvahHQz-5FUnLLkgMA-5FQSq6WFwq0O6uIppgoTUnTrWkHIEWxlR9fqRCF4S2TBTaIeuW-5FRN00vCnSwIM30BPEYdExRmBzSxk1jPR9ouKyTE5GTE9armIkeyDNdxY256w27TNTuTD8pUXDqwtB2x9BARHhXyl3R9heI7FbXeb4-5FQrHvOVM3khGUzcj1nPRJL1g9W-2DmC0kpK6-2DgSDx-2DtjgBBMJqG-2DJTW-2DW14ON3IojsLA3H965NTuIqcJWDh4mLU8lBIAubuXj4G3KTLZba9yMECapb3YIlN6Nxji7PL-2Dx7K4SrSPmiwti-5FCKd9Jl0clY-2DOD0P9vxKhwELkCfSYHcHFiraWUAf6OcM31GqYnEoq7sQvGc5VAe2Vug8ibEzeuvxEyNxiHRTbhw1driD8Vo2PPKZWD2Cj0w-5Fou8-5FvTZwHDcsrRghXhTw7vMiFhHl12WEd2GnkJvRn-5FStyNyqGyFlW-5FvLIFFrGCKoAHjeX-5Fq-2DsWUimsCrYbTvbVRioD0GXmpMXDqUBVw0DhB1ySCAZxg7T2RgLN8DtlOBvpY825e2zpLTYW9PA-2D976jzNmjUKHJUJKKToDV5jfKZGWdLEHE35Sj-2DlGn8sc48bYRlG7u8iMTUn3IUM9zUYPTDma-5FMo5dtTjKMjmmdyNhb-2D1z6w8Uj8VuhOkZj68F38rksxr7o7QUeIJ0cxANVevU1x-2DX1208l61tSFrqt0a6P1AG4VoAYBBHp6EdPzVFJGvePezUWKTFPPZWT828unMzOfAV04DxzYP36ANk69mw71MGCvILEdFxYz2A7kcah-5Fi9-2DZmbf4Kkw-5FQpNjYz7UHq-2DTKeJ5XdZBDnT4CZ9U00lDqjwxegD3q9c-5FA7S5pEcmtnuHtTsWDxYINERQSPsCb00-2DmH-5FTwc8nSn53pDjpkL37NyCkygzAqpQuLtvygKL83qUMvcwimFiy9iRX1ON3dc7xsiOV12mjItRXbMcA6y2A8zYl-2D4m81UqZwcstwNfqFCSN1YxibfldEWM-2DTxddViKUUqDgmSQe8l7FUCQAWT2ROrvES9hGiVZxSuHRdux5eEfyrwodyNdpMiWtiMjumEPjMadjuViIQ8XQrH-5F-5Fl8yt7Z-2DAPZGaTt7
o-2DII6JxIX-5Fmt9EWmf81uo2r9l8UYk7mBoe9V9fyb2Tk6frMb1Lfm016xjshRHwR2qOMDUYfr4VwF3BQeYhYh19j3ZbDjGZf3-5Fi-5FCIEjhl1braRj9jnpU-5Fc-5FlT-5F8IVNQ6adiktEviSzELzx6NipTTbmbZjSvfXhb3FuYntqAHNXM4x9acRc8qRo5-5Fn-2DOaVXe7KSGWTERjK-2DLQcsSl9wLZyRTS8s26vP-2Ds3urztAYJaZGuz2z-2DEvkQzWZ-5FEPb44-5F4lcN9Z2SWwnD2dd98pv5PdMJdr37kWvGKz1EfHxBjHuOgOLRpsQ8nJBrCo7PVL0jUth2V1b-2DrGoM3X-2DE1pleex7mPJcnDVZQSnE6vyAhV6ebdBFhvczag3Nd4dX6wxlWjMBTpqFy-2DppGdryXUoOjpcdhJHyVtPrGr2lBOttsA8trXF9Kk8VNoJi7LYsxhqAAcA67px-5FtjmQ1UF33mLM46kPG3NQsTP4oYODvSMWIEWsTMUR7znvbwKCtjNBUluJKJk0LyxPMjk6q2s011KGYLhj7qdX9y2H2MdHUvzRCGDOSkW9fBhv1tXSbmQ8PK-5FUl8qsJBqqX5mCauLKTvYEU-2DVV9z6xMeUAXVsofZie5n1gAh-5FtONLPonI6WFiWXldDev6sX-2DePfxYAkg1FiuYF4lDprbBVDajD1syI3fcKmXyL4OtoDU5soRXs15xG4mBI9rxwCx6qUcHDDhsA3yGcIoUwCo0h3jd94POUkjXUHnQPxI21YU1OlseHRc-5F4i-2D5oGwNil7HGSFa05x6XjgyMxE1dJrBksMG3EMkPm5JDXV6F-5F01Id4zemaoZgzooEh-5F7fv1E4Zv3mE1qdYUsorfnHlmQs7ASpv9l3gGSRkrARskqTZ4x-5Fy5oew6kflzRIj7-2Da8xMPESmp4Ss4ysUv0BYOs7qyz50af3NUaft-5FZHoHG2omhT0-2Dm5SUZLO8eFxJgYR9B0LCmtaUlxE-5Fzhrf65vPvj09uu-5F9ooIQn0SOUz2XzNOSUcB1SfIUxSHGuQHxx1mdUOV-2DkWq8gjzkXPH7o5rqzHT440EE1bZFO2-2DdB69WZuGRGhCwR8-2D6fUNe9sHEcfVFJZMRfCDRJpyBddQR3k1d8xLEdt69UQ8jzdsPhXcIwHXohaHCZWkpb-5FnU1LGnWmoNTXTf2ObuXuNkoJVECqkDMWrTJpoVasChvrWli5pAPEY5soALmEjeoGMIF6Hz-2DpmEREulECXlldG9gpC2XP0Y4VyOKzA4A2j3sPDWBZC62iJqmJf5AIRgEqUQ75KriJKCgRA-2Dj7HsVGUyukVsrYpzyQeagJuEe96BbYbFIPdEpzxack4vbeBgqvtnggnsxgF6vrUASb9x4Hiw1JdCBLx7bQU-5F-5Fqfy4q-5FmQ4OCFse4Xn7fNOq-2D1FmaOKDr0qjVUnKBCh9lQzt3rRixmtEMdnhubhUSEzxHkmdwIh8BkYJOkx2w62wwFirwUPMCVPy94lVPWLW-2DuHrOleEAaa20xNsBKGYcAs4GmCVU8dKkztp32GnfJf1ydkOAPm6oUBJzWgwMrd6ebt1C1kdJCeSxdSXCaG8aSdYOu1iQDa7TNMP4FuPQvkUrx90mAYbmuDzb856LqJN-2Ddk7k8yv2iuQf1yml0Dy0YXCH3HVt-5FJ0Nvjqr1WjpDG4OcBQSYf-5F5dDSLS4TBwsFEt8CRAVf3fSScBMvf12-2DOPaEFL9B2ZE7N76zHl8f5c4nHhkqDBzwGJ0px8X3HVRFS8J5DaMRwDBlloXGiTUd-2Dr0ms57AGjDPw0rxEixXmFze18TpWk0zceCxayfhK6rk-2DJt1IFOY8Hirr6zmmatyXGOR9qgY9WFjNTUY71f06Fy5uFStzAtypUxhRb-2Dqodzz05uTmDcyB4I7MAKvEHNI-5FQPxkG2VkZTY02PaVAB75
TS9i2yr0AGoQwGwSxuOPBeNjO9xBZwJT80rqoHp457sjFwvk9sXTQNlkE2riskMYltJuy7NHur3-2D6adW7QSBeBpOpK8D3lwb-5FbC4mqTO95om6yDs-2DlZznTHl6Aez5IlXeRKpRxt0Zv5MGUttISwU72GosppeZ8qjEwuwbtj4t-2DhsdSOMNkvt-5FZdxCwGVRt6yjK09IYiGhUdJd8nybTtrFnb7khWVflBalY2f3qGnBrbQWTopeL9anXmEe3I1yFnpcfk5xmu4sVg0QFFcr8oZO67xLIktFogmRtIOl-2Dxn7-2DBtuzITk6B1eBCv5q3s5aMdiZDXO0v0giI3YF0LV9yxkvoqJsPu3xhvvvoqrHX1Qc-2DnuZ5g2WBbCfSvLRjCi7Ig5sVYNrI9C091UFB1OTyJuVShC-5FORmikKLXzdjq9GeQqNt8wQ5I3ucg-2DNqlxhR1hTkdz-2DeUu42tA6eCQivymiE8aEEzASdk6BL-5FjNnksjLRhIdaMZXZAeaLWaRIEevaL788X1E3KMC74O6JTzxXPbqLh5swqgjtRQoGbzeosjQgZ1lciwso249Ti1Gesgqc8-5FDhj4f2rM8flFSk-5FzuGTj0HgImdgTrvkvqsRovKGVQC-5FGh1LJTy6jJCGo2heH5-2D-5Fd6ljCqSo0D8OT4GQmjWzniqkisLVAZqfrnfHz2gtOJQIMw5dR6yi1x39xqAtXg-2D5bRN5uVmz86Oj6Il0fNRVgSs3URoyTeIZdkVBjiN3qW-5FnF32rOxV09OQGiF-5FLD9lvWs2yU39EG7pwRJL0aY1rOBqNWwvnJMsHGWNAF-2Dfd7mZsgakkfGUSuN1-2DLPgK6UgsBx2-5Fit92NnPZzS7gNNrZTx-5F09DpaxN1QBKhkRDmNV10HEtS-5FNzo&d=DwMFAQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=nd_0ZWqP5-KzdaWZtXSjszcklBG74jfT6xVTo8CTwTM&m=b_jNuHWhyblLq2-yfyxWd0Tu0-3ORCYk2ZJQB1dIoUx0uQJXsbY0iKRIvrbXsoRt&s=OpCcJOBJ3-jMFcNx6s8aB7kZb15qWCgXlD8T7YLg6_E&e= |
Full analysis: | https://app.any.run/tasks/86399ba0-c9ca-4b03-835c-313bc66656d0 |
Verdict: | Malicious activity |
Analysis date: | April 15, 2025, 17:59:56 |
OS: | Windows 10 Professional (build: 19044, 64 bit) |
Tags: | |
Indicators: | |
MD5: | 568529B5BCF67473BB7E6A976E98B0BF |
SHA1: | BDDD496A21F39F5ABA8F6A74C4638C6EAF3B5A2E |
SHA256: | 1EAA9B519197BF966BBB2549285CF201D273E2DA0727E495A84C321404364F72 |
SSDEEP: | 96:5IQz9hC0tSjk+XxkQFa+IZJXF9muBe/h/8lzcLdRGSSny82z6Za3579e8ncyL:5IGhC0tSNXk15Y2RcL/LSyz6s5x3nF |
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
1180 | "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" "https://urldefense.proofpoint.com/v2/url?u=https-3A__url.us.m.mimecastprotect.com_r_djvuL7mYUbLSjWrnnlMRak7HYIVt7LW7QsholS5SlvrqYU17B4sptqDUK2SgHv7jDfwvov53gTs6-2DiDuRNFhCxW0-2DTYMmpUXVVLl083BaG1jmRayCo3p7vcoOj8e-2DlMPCOKBKICagIlYUWaL3g-2DCypx5I-5FgTCVbP0qj6BfQhfawg1TNMvuucXQzheEm0sMCiOTPqpw-2D-5FDgysY8geDQVcWTroqaFafxY9omu3A0pNIFv62I71hgPcBvFZA6ipGNGsuaWIIBpGfcaDPaQ2K-2DPJ9yWWSajFssru-2DrGh0dUe3qhYvbFnToxVtVjUJ8ZDtmhOKaKjlMa06RrW0BWfPKH10XWe1gmj8kEJxJXgzBC7W5afT-2D5-2DKWvvXYWt9HXvkJONTgTspEAvrSVr-2DxPesX6CaOWopCxl55BGJZOskVLVYBTQ4scuczogFZjNf8IuHe9zjxhQoshIScZA1eiuh0VotFMXT7smCFdJAEXePmi3Wu74TUA7VAwtJ503UilFutTD3OZOXrXAKlsO8Wz0AbpyM0Zphp0qsCDu0WSzrZqF3eVgjBIPHOcE680jm0lBVwJXHOEYDyyUuyDhGTk-5F-5FKhs5k3MjBE8Yogi0N2CoyEYHITF33ckjg5FdKAmX2I6F7WgFed8Bwy2gThf2fKufSLevxAibFs9-2DcYsTLFVVfgvmLqtfBe6HbNm-5FVrdLhKFvahHQz-5FUnLLkgMA-5FQSq6WFwq0O6uIppgoTUnTrWkHIEWxlR9fqRCF4S2TBTaIeuW-5FRN00vCnSwIM30BPEYdExRmBzSxk1jPR9ouKyTE5GTE9armIkeyDNdxY256w27TNTuTD8pUXDqwtB2x9BARHhXyl3R9heI7FbXeb4-5FQrHvOVM3khGUzcj1nPRJL1g9W-2DmC0kpK6-2DgSDx-2DtjgBBMJqG-2DJTW-2DW14ON3IojsLA3H965NTuIqcJWDh4mLU8lBIAubuXj4G3KTLZba9yMECapb3YIlN6Nxji7PL-2Dx7K4SrSPmiwti-5FCKd9Jl0clY-2DOD0P9vxKhwELkCfSYHcHFiraWUAf6OcM31GqYnEoq7sQvGc5VAe2Vug8ibEzeuvxEyNxiHRTbhw1driD8Vo2PPKZWD2Cj0w-5Fou8-5FvTZwHDcsrRghXhTw7vMiFhHl12WEd2GnkJvRn-5FStyNyqGyFlW-5FvLIFFrGCKoAHjeX-5Fq-2DsWUimsCrYbTvbVRioD0GXmpMXDqUBVw0DhB1ySCAZxg7T2RgLN8DtlOBvpY825e2zpLTYW9PA-2D976jzNmjUKHJUJKKToDV5jfKZGWdLEHE35Sj-2DlGn8sc48bYRlG7u8iMTUn3IUM9zUYPTDma-5FMo5dtTjKMjmmdyNhb-2D1z6w8Uj8VuhOkZj68F38rksxr7o7QUeIJ0cxANVevU1x-2DX1208l61tSFrqt0a6P1AG4VoAYBBHp6EdPzVFJGvePezUWKTFPPZWT828unMzOfAV04DxzYP36ANk69mw71MGCvILEdFxYz2A7kcah-5Fi9-2DZmbf4Kkw-5FQpNjYz7UHq-2DTKeJ5XdZBDnT4CZ9U00lDqjwxegD3q9c-5FA7S5pEcmtnuHtTsWDxYINERQSPsCb00-2DmH-5FTwc8nSn53pDjpkL37NyCkygzAqpQuLtvygKL83qUMvcwimFiy9iRX1ON3dc7xsiOV12mjItRXbMcA6y2A8zYl-2D4m81UqZwcstwNfqFCSN1YxibfldEWM-2DTxddViKUUqDgmSQe8l7FUCQAWT2ROrvES9hGiVZxSuHRd
ux5eEfyrwodyNdpMiWtiMjumEPjMadjuViIQ8XQrH-5F-5Fl8yt7Z-2DAPZGaTt7o-2DII6JxIX-5Fmt9EWmf81uo2r9l8UYk7mBoe9V9fyb2Tk6frMb1Lfm016xjshRHwR2qOMDUYfr4VwF3BQeYhYh19j3ZbDjGZf3-5Fi-5FCIEjhl1braRj9jnpU-5Fc-5FlT-5F8IVNQ6adiktEviSzELzx6NipTTbmbZjSvfXhb3FuYntqAHNXM4x9acRc8qRo5-5Fn-2DOaVXe7KSGWTERjK-2DLQcsSl9wLZyRTS8s26vP-2Ds3urztAYJaZGuz2z-2DEvkQzWZ-5FEPb44-5F4lcN9Z2SWwnD2dd98pv5PdMJdr37kWvGKz1EfHxBjHuOgOLRpsQ8nJBrCo7PVL0jUth2V1b-2DrGoM3X-2DE1pleex7mPJcnDVZQSnE6vyAhV6ebdBFhvczag3Nd4dX6wxlWjMBTpqFy-2DppGdryXUoOjpcdhJHyVtPrGr2lBOttsA8trXF9Kk8VNoJi7LYsxhqAAcA67px-5FtjmQ1UF33mLM46kPG3NQsTP4oYODvSMWIEWsTMUR7znvbwKCtjNBUluJKJk0LyxPMjk6q2s011KGYLhj7qdX9y2H2MdHUvzRCGDOSkW9fBhv1tXSbmQ8PK-5FUl8qsJBqqX5mCauLKTvYEU-2DVV9z6xMeUAXVsofZie5n1gAh-5FtONLPonI6WFiWXldDev6sX-2DePfxYAkg1FiuYF4lDprbBVDajD1syI3fcKmXyL4OtoDU5soRXs15xG4mBI9rxwCx6qUcHDDhsA3yGcIoUwCo0h3jd94POUkjXUHnQPxI21YU1OlseHRc-5F4i-2D5oGwNil7HGSFa05x6XjgyMxE1dJrBksMG3EMkPm5JDXV6F-5F01Id4zemaoZgzooEh-5F7fv1E4Zv3mE1qdYUsorfnHlmQs7ASpv9l3gGSRkrARskqTZ4x-5Fy5oew6kflzRIj7-2Da8xMPESmp4Ss4ysUv0BYOs7qyz50af3NUaft-5FZHoHG2omhT0-2Dm5SUZLO8eFxJgYR9B0LCmtaUlxE-5Fzhrf65vPvj09uu-5F9ooIQn0SOUz2XzNOSUcB1SfIUxSHGuQHxx1mdUOV-2DkWq8gjzkXPH7o5rqzHT440EE1bZFO2-2DdB69WZuGRGhCwR8-2D6fUNe9sHEcfVFJZMRfCDRJpyBddQR3k1d8xLEdt69UQ8jzdsPhXcIwHXohaHCZWkpb-5FnU1LGnWmoNTXTf2ObuXuNkoJVECqkDMWrTJpoVasChvrWli5pAPEY5soALmEjeoGMIF6Hz-2DpmEREulECXlldG9gpC2XP0Y4VyOKzA4A2j3sPDWBZC62iJqmJf5AIRgEqUQ75KriJKCgRA-2Dj7HsVGUyukVsrYpzyQeagJuEe96BbYbFIPdEpzxack4vbeBgqvtnggnsxgF6vrUASb9x4Hiw1JdCBLx7bQU-5F-5Fqfy4q-5FmQ4OCFse4Xn7fNOq-2D1FmaOKDr0qjVUnKBCh9lQzt3rRixmtEMdnhubhUSEzxHkmdwIh8BkYJOkx2w62wwFirwUPMCVPy94lVPWLW-2DuHrOleEAaa20xNsBKGYcAs4GmCVU8dKkztp32GnfJf1ydkOAPm6oUBJzWgwMrd6ebt1C1kdJCeSxdSXCaG8aSdYOu1iQDa7TNMP4FuPQvkUrx90mAYbmuDzb856LqJN-2Ddk7k8yv2iuQf1yml0Dy0YXCH3HVt-5FJ0Nvjqr1WjpDG4OcBQSYf-5F5dDSLS4TBwsFEt8CRAVf3fSScBMvf12-2DOPaEFL9B2ZE7N76zHl8f5c4nHhkqDBzwGJ0px8X3HVRFS8J5DaMRwDBlloXGiTUd-2Dr0ms57AGjDPw0rxEixXmFze18TpWk0zceCxayfhK6rk-2DJt1IFOY8Hirr6zmmatyXGOR9qgY9WFjNTUY71f06Fy5u
FStzAtypUxhRb-2Dqodzz05uTmDcyB4I7MAKvEHNI-5FQPxkG2VkZTY02PaVAB75TS9i2yr0AGoQwGwSxuOPBeNjO9xBZwJT80rqoHp457sjFwvk9sXTQNlkE2riskMYltJuy7NHur3-2D6adW7QSBeBpOpK8D3lwb-5FbC4mqTO95om6yDs-2DlZznTHl6Aez5IlXeRKpRxt0Zv5MGUttISwU72GosppeZ8qjEwuwbtj4t-2DhsdSOMNkvt-5FZdxCwGVRt6yjK09IYiGhUdJd8nybTtrFnb7khWVflBalY2f3qGnBrbQWTopeL9anXmEe3I1yFnpcfk5xmu4sVg0QFFcr8oZO67xLIktFogmRtIOl-2Dxn7-2DBtuzITk6B1eBCv5q3s5aMdiZDXO0v0giI3YF0LV9yxkvoqJsPu3xhvvvoqrHX1Qc-2DnuZ5g2WBbCfSvLRjCi7Ig5sVYNrI9C091UFB1OTyJuVShC-5FORmikKLXzdjq9GeQqNt8wQ5I3ucg-2DNqlxhR1hTkdz-2DeUu42tA6eCQivymiE8aEEzASdk6BL-5FjNnksjLRhIdaMZXZAeaLWaRIEevaL788X1E3KMC74O6JTzxXPbqLh5swqgjtRQoGbzeosjQgZ1lciwso249Ti1Gesgqc8-5FDhj4f2rM8flFSk-5FzuGTj0HgImdgTrvkvqsRovKGVQC-5FGh1LJTy6jJCGo2heH5-2D-5Fd6ljCqSo0D8OT4GQmjWzniqkisLVAZqfrnfHz2gtOJQIMw5dR6yi1x39xqAtXg-2D5bRN5uVmz86Oj6Il0fNRVgSs3URoyTeIZdkVBjiN3qW-5FnF32rOxV09OQGiF-5FLD9lvWs2yU39EG7pwRJL0aY1rOBqNWwvnJMsHGWNAF-2Dfd7mZsgakkfGUSuN1-2DLPgK6UgsBx2-5Fit92NnPZzS7gNNrZTx-5F09DpaxN1QBKhkRDmNV10HEtS-5FNzo&d=DwMFAQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=nd_0ZWqP5-KzdaWZtXSjszcklBG74jfT6xVTo8CTwTM&m=b_jNuHWhyblLq2-yfyxWd0Tu0-3ORCYk2ZJQB1dIoUx0uQJXsbY0iKRIvrbXsoRt&s=OpCcJOBJ3-jMFcNx6s8aB7kZb15qWCgXlD8T7YLg6_E&e=" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | explorer.exe | ||||||||||||
User: admin, Company: Microsoft Corporation, Integrity Level: MEDIUM, Description: Microsoft Edge, Version: 122.0.2365.59
2096 | "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_xpay_wallet.mojom.EdgeXPayWalletService --lang=en-US --service-sandbox-type=utility --no-appcompat-clear --mojo-platform-channel-handle=5428 --field-trial-handle=2336,i,6347065372868912976,5708471701947536505,262144 --variations-seed-version /prefetch:8 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | — | msedge.exe |
User: admin, Company: Microsoft Corporation, Integrity Level: LOW, Description: Microsoft Edge, Version: 122.0.2365.59
4040 | "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5484 --field-trial-handle=2336,i,6347065372868912976,5708471701947536505,262144 --variations-seed-version /prefetch:8 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | — | msedge.exe |
User: admin, Company: Microsoft Corporation, Integrity Level: LOW, Description: Microsoft Edge, Exit code: 0, Version: 122.0.2365.59
4244 | "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6420 --field-trial-handle=2336,i,6347065372868912976,5708471701947536505,262144 --variations-seed-version /prefetch:8 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | — | msedge.exe |
User: admin, Company: Microsoft Corporation, Integrity Level: LOW, Description: Microsoft Edge, Exit code: 0, Version: 122.0.2365.59
4688 | "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.70 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.59 --initial-client-data=0x300,0x304,0x308,0x280,0x310,0x7ffc87fc5fd8,0x7ffc87fc5fe4,0x7ffc87fc5ff0 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | — | msedge.exe |
User: admin, Company: Microsoft Corporation, Integrity Level: MEDIUM, Description: Microsoft Edge, Version: 122.0.2365.59
4756 | "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5616 --field-trial-handle=2336,i,6347065372868912976,5708471701947536505,262144 --variations-seed-version /prefetch:8 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | — | msedge.exe |
User: admin, Company: Microsoft Corporation, Integrity Level: LOW, Description: Microsoft Edge, Exit code: 0, Version: 122.0.2365.59
4988 | "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=6668 --field-trial-handle=2336,i,6347065372868912976,5708471701947536505,262144 --variations-seed-version /prefetch:1 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | — | msedge.exe |
User: admin, Company: Microsoft Corporation, Integrity Level: LOW, Description: Microsoft Edge, Version: 122.0.2365.59
5064 | "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6660 --field-trial-handle=2336,i,6347065372868912976,5708471701947536505,262144 --variations-seed-version /prefetch:8 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | — | msedge.exe |
User: admin, Company: Microsoft Corporation, Integrity Level: LOW, Description: Microsoft Edge, Exit code: 0, Version: 122.0.2365.59
5244 | "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=4092 --field-trial-handle=2336,i,6347065372868912976,5708471701947536505,262144 --variations-seed-version /prefetch:8 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | — | msedge.exe |
User: admin, Company: Microsoft Corporation, Integrity Level: LOW, Description: Microsoft Edge, Exit code: 0, Version: 122.0.2365.59
5608 | "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=6556 --field-trial-handle=2336,i,6347065372868912976,5708471701947536505,262144 --variations-seed-version /prefetch:8 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | — | msedge.exe |
User: admin, Company: Microsoft Corporation, Integrity Level: MEDIUM, Description: Microsoft Edge, Exit code: 0, Version: 122.0.2365.59
PID | Process | Key | Operation | Name | Value |
---|---|---|---|---|---|
1180 | msedge.exe | HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon | write | failed_count | 0 |
1180 | msedge.exe | HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon | write | state | 2 |
1180 | msedge.exe | HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon | write | state | 1 |
1180 | msedge.exe | HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics | write | user_experience_metrics.stability.exited_cleanly | 0 |
1180 | msedge.exe | HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\EdgeUpdate\ClientStateMedium\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\LastWasDefault | write | S-1-5-21-1693682860-607145093-2874071422-1001 | C26E82386B912F00 |
1180 | msedge.exe | HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\EdgeUpdate\ClientStateMedium\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\LastWasDefault | write | S-1-5-21-1693682860-607145093-2874071422-1001 | 4DE68D386B912F00 |
1180 | msedge.exe | HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\262786 | write | WindowTabManagerFileMappingId | {C0E55052-71DE-46EA-9B34-F5C52D92F8CF} |
1180 | msedge.exe | HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\262786 | write | WindowTabManagerFileMappingId | {9D63F403-F164-4F2A-B123-A48D5ECC29B4} |
1180 | msedge.exe | HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\262786 | write | WindowTabManagerFileMappingId | {824F8538-0461-4314-AE3B-5B3D8C5DD4AB} |
1180 | msedge.exe | HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\EdgeUpdate\ClientStateMedium\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\LastWasDefault | write | S-1-5-21-1693682860-607145093-2874071422-1001 | 88CE05396B912F00 |
PID | Process | Filename | Type | MD5 | SHA256 |
---|---|---|---|---|---|
1180 | msedge.exe | C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\discounts_db\LOG.old~RF10c70b.TMP | — | — | — |
1180 | msedge.exe | C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\parcel_tracking_db\LOG.old~RF10c70b.TMP | — | — | — |
1180 | msedge.exe | C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\parcel_tracking_db\LOG.old | — | — | — |
1180 | msedge.exe | C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\EdgePushStorageWithConnectTokenAndKey\LOG.old~RF10c71a.TMP | — | — | — |
1180 | msedge.exe | C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\commerce_subscription_db\LOG.old~RF10c71a.TMP | — | — | — |
1180 | msedge.exe | C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\EdgePushStorageWithConnectTokenAndKey\LOG.old | — | — | — |
1180 | msedge.exe | C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\commerce_subscription_db\LOG.old | — | — | — |
1180 | msedge.exe | C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\discounts_db\LOG.old | — | — | — |
1180 | msedge.exe | C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\PersistentOriginTrials\LOG.old~RF10c73a.TMP | — | — | — |
1180 | msedge.exe | C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\PersistentOriginTrials\LOG.old | — | — | — |
PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation |
---|---|---|---|---|---|---|---|---|---|
6544 | svchost.exe | GET | 200 | 2.17.190.73:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D | unknown | — | — | whitelisted |
— | — | GET | 200 | 23.48.23.153:80 | http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl | unknown | — | — | whitelisted |
1228 | SIHClient.exe | GET | 200 | 95.101.149.131:80 | http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl | unknown | — | — | whitelisted |
1228 | SIHClient.exe | GET | 200 | 95.101.149.131:80 | http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl | unknown | — | — | whitelisted |
PID | Process | IP | Domain | ASN | CN | Reputation |
---|---|---|---|---|---|---|
— | — | 51.124.78.146:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | NL | whitelisted |
4 | System | 192.168.100.255:138 | — | — | — | whitelisted |
— | — | 23.48.23.153:80 | crl.microsoft.com | Akamai International B.V. | DE | whitelisted |
1180 | msedge.exe | 239.255.255.250:1900 | — | — | — | whitelisted |
3216 | svchost.exe | 172.211.123.248:443 | client.wns.windows.com | MICROSOFT-CORP-MSN-AS-BLOCK | FR | whitelisted |
7248 | msedge.exe | 13.107.42.16:443 | config.edge.skype.com | MICROSOFT-CORP-MSN-AS-BLOCK | US | whitelisted |
7248 | msedge.exe | 150.171.28.11:443 | edge.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | US | whitelisted |
7248 | msedge.exe | 13.107.253.45:443 | edge-mobile-static.azureedge.net | MICROSOFT-CORP-MSN-AS-BLOCK | US | whitelisted |
7248 | msedge.exe | 13.107.6.158:443 | business.bing.com | MICROSOFT-CORP-MSN-AS-BLOCK | US | whitelisted |
7248 | msedge.exe | 52.6.56.188:443 | urldefense.proofpoint.com | AMAZON-AES | US | whitelisted |
Domain | IP | Reputation |
---|---|---|
settings-win.data.microsoft.com | — | whitelisted |
crl.microsoft.com | — | whitelisted |
google.com | — | whitelisted |
client.wns.windows.com | — | whitelisted |
config.edge.skype.com | — | whitelisted |
edge.microsoft.com | — | whitelisted |
edge-mobile-static.azureedge.net | — | whitelisted |
urldefense.proofpoint.com | — | whitelisted |
business.bing.com | — | whitelisted |
bzib.nelreports.net | — | whitelisted |
PID | Process | Class | Message |
---|---|---|---|
— | — | Possible Social Engineering Attempted | PHISHING [ANY.RUN] Suspected Phishing Domain (doghouse .com .tr) |
— | — | Possible Social Engineering Attempted | PHISHING [ANY.RUN] Suspected Phishing Domain (doghouse .com .tr) |