Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

1

URLScan

urlscan

1

http://teruggave-bdi...

windows10-2004-x64

4

Analysis

  • max time kernel
    151s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31/05/2023, 06:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://teruggave-bdienst.com

Score
4/10

Malware Config

Signatures

  • Drops file in Program Files directory 2 IoCs
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 15 IoCs
  • Suspicious use of FindShellTrayWindow 4 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://teruggave-bdienst.com
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3948
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3948 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2844
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
    1⤵
    • Enumerates system info in registry
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of WriteProcessMemory
    PID:4560
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xf8,0x108,0x7ff9c0c846f8,0x7ff9c0c84708,0x7ff9c0c84718
      2⤵
        PID:4140
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,1468454380368183658,12649700935845030071,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2196 /prefetch:2
        2⤵
          PID:1544
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,1468454380368183658,12649700935845030071,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2248 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:756
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2068,1468454380368183658,12649700935845030071,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2756 /prefetch:8
          2⤵
            PID:2512
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1468454380368183658,12649700935845030071,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
            2⤵
              PID:3936
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1468454380368183658,12649700935845030071,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1
              2⤵
                PID:3444
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1468454380368183658,12649700935845030071,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5236 /prefetch:1
                2⤵
                  PID:4784
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1468454380368183658,12649700935845030071,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5192 /prefetch:1
                  2⤵
                    PID:3424
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,1468454380368183658,12649700935845030071,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5504 /prefetch:8
                    2⤵
                      PID:648
                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
                      2⤵
                      • Drops file in Program Files directory
                      PID:2812
                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x220,0x224,0x228,0x1fc,0x22c,0x7ff608135460,0x7ff608135470,0x7ff608135480
                        3⤵
                          PID:2088
                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,1468454380368183658,12649700935845030071,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5504 /prefetch:8
                        2⤵
                        • Suspicious behavior: EnumeratesProcesses
                        PID:3828
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1468454380368183658,12649700935845030071,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3792 /prefetch:1
                        2⤵
                          PID:4624
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1468454380368183658,12649700935845030071,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1
                          2⤵
                            PID:5172
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1468454380368183658,12649700935845030071,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1
                            2⤵
                              PID:5332
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1468454380368183658,12649700935845030071,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6044 /prefetch:1
                              2⤵
                                PID:5464
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1468454380368183658,12649700935845030071,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6032 /prefetch:1
                                2⤵
                                  PID:5456
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1468454380368183658,12649700935845030071,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6316 /prefetch:1
                                  2⤵
                                    PID:5796
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1468454380368183658,12649700935845030071,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5780 /prefetch:1
                                    2⤵
                                      PID:5780
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1468454380368183658,12649700935845030071,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1
                                      2⤵
                                        PID:5316
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1468454380368183658,12649700935845030071,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6328 /prefetch:1
                                        2⤵
                                          PID:5636
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1468454380368183658,12649700935845030071,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5840 /prefetch:1
                                          2⤵
                                            PID:5844
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1468454380368183658,12649700935845030071,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5680 /prefetch:1
                                            2⤵
                                              PID:5520
                                          • C:\Windows\System32\CompPkgSrv.exe
                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                            1⤵
                                              PID:1940

                                            Network

                                            MITRE ATT&CK Enterprise v6

                                            Replay Monitor

                                            Loading Replay Monitor...

                                            Downloads

                                            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442
                                              Filesize

                                              1KB

                                              MD5

                                              92339b746839e9aaa0ffd35c86d828ef

                                              SHA1

                                              f882cfbd0df5c0d36f81a638c395c2d801870033

                                              SHA256

                                              4edf525c9c69de7d35a1b686eea22b8932cfc303b312702e28e6e39ad85f548d

                                              SHA512

                                              3e99644cf7789e5003a36508fa474696be3d5f74f3b6cf213d5d75552e170de288e576d4e3ae7662acf418b3da4ebadb87cbd775cfaf6d7a4da1595e37887883

                                              Download Submit

                                            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
                                              Filesize

                                              471B

                                              MD5

                                              c21444748ba8f51ef6ef531f3b4e2f68

                                              SHA1

                                              af1907ff43ab2c03e0c05044017533cb6eafff5a

                                              SHA256

                                              9d80886561b2301975168964509698c1f96e0ec7515a553a34b6a78690065563

                                              SHA512

                                              bbb8f887d412ca48ea707315135687e5948bfd3f666b046a13a392aca9edb146d85c99516c4f8985c94e8ba777ca1b09a4fbea5358da72041424ed6334d2ed5a

                                              Download Submit

                                            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442
                                              Filesize

                                              416B

                                              MD5

                                              1b10e5565295faf37e82c41524360e0e

                                              SHA1

                                              bb41529fd1bce758e4508de3f2bb38c31b1b5554

                                              SHA256

                                              5448ef7bbe9c26fcf9c1a2b403de36263a3770c0757b85f4b3b3a10954b149ea

                                              SHA512

                                              22d8e9303fbafd7d61ac5354edc894983b4359d20fe4bfdd3af89c7c2fb689207b53805dfbf577f64c1fed756956e88c41d860be5521269be270e590a0816515

                                              Download Submit

                                            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
                                              Filesize

                                              404B

                                              MD5

                                              bc914057677db07ec7fb038df9e627b4

                                              SHA1

                                              11df456fb4e77f8d8e341cff33f3b6d1ee59f044

                                              SHA256

                                              919df86c0646df2af832b41e3cc59cb30c35a6bcb14b4d3eb17cfa0708736066

                                              SHA512

                                              65e14b081ac47761b107055689463d7c7221466d1eeb7ff20b167943f0941fd5e7e53afbdbd0123fe3a8893d6277bbe087a03e46a5511b0a9a401481e23cf3b9

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                              Filesize

                                              152B

                                              MD5

                                              cd4f5fe0fc0ab6b6df866b9bfb9dd762

                                              SHA1

                                              a6aaed363cd5a7b6910e9b3296c0093b0ac94759

                                              SHA256

                                              3b803b53dbd3d592848fc66e5715f39f6bc02cbc95fb2452cd5822d98c6b8f81

                                              SHA512

                                              7072630ec28cf6a8d5b072555234b5150c1e952138e5cdc29435a6242fda4b4217b81fb57acae927d2b908fa06f36414cb3fab35110d63107141263e3bba9676

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\11e1be0f-e648-4faa-afdf-97c86c30c091.tmp
                                              Filesize

                                              24KB

                                              MD5

                                              1e79203d0f70092bf25058099947d5c6

                                              SHA1

                                              20d5e2bd3a2ef807207bc3981bd5494c34839c0e

                                              SHA256

                                              decca6fa6de1f0dcc2b46a7c45e62d1754fda43b509d92393c628d56930851a6

                                              SHA512

                                              b06c5cb26083e2ef7a407be262f37d83d9fee4788e30a94ce258639f7c1fb2ccb4e37ca9b77e4fb30c0fa0a9e80f94a5b9719efd2499c87deafc87d260eb0568

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d
                                              Filesize

                                              162KB

                                              MD5

                                              44ec03cb3248c903b67751ea27df310a

                                              SHA1

                                              c57e9cf90caf30457e9d57db750b8a0eb8856770

                                              SHA256

                                              d4de4a836d11828dd561db1eb8d7fd48a7e0ce9afd8645e2eabb19a1267b6894

                                              SHA512

                                              657e8958d97eab524224bbd8903e0bd7d0c2640805f77da7546060164fe03f7b6ece99a005ef44e41b7233a2e24ffc63430b2fe3c87f61a1b26e0d7c7e52c365

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico
                                              Filesize

                                              70KB

                                              MD5

                                              e5e3377341056643b0494b6842c0b544

                                              SHA1

                                              d53fd8e256ec9d5cef8ef5387872e544a2df9108

                                              SHA256

                                              e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25

                                              SHA512

                                              83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk
                                              Filesize

                                              2KB

                                              MD5

                                              0cf499d0b9993ad43393af7b245cc28d

                                              SHA1

                                              fb1a47e82c2113b9e4755b8be7a9b68763ffe7f5

                                              SHA256

                                              044952a7547b4b8ca469abdc91a6772076868ad4502fedad31748c767663b17f

                                              SHA512

                                              dd9349a7a04526d8715c762a69eccab8e9a3039628c490598352f4d22c65b524581759965eb9b22aeb9d6b75806406bb770aefa94732d2cbb6b20488a98c5fe6

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                              Filesize

                                              111B

                                              MD5

                                              285252a2f6327d41eab203dc2f402c67

                                              SHA1

                                              acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

                                              SHA256

                                              5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

                                              SHA512

                                              11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                              Filesize

                                              5KB

                                              MD5

                                              ff2e7e75de124ae8462b73b35babaf14

                                              SHA1

                                              77a58cdcb031c1be668b06960a98f4138c28aa4f

                                              SHA256

                                              5130a21d52e4efd88226ab274f498baddc1f96a500c2aae77982de8187fa67d7

                                              SHA512

                                              1f20dbb9af5f99edca62e970df3a4f1765588dd6ea775b1d7d062f568b401cef14f3031fa9f8cbaedf67c399785b1aa9402d2268003d503ad2b073dac7d16f18

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                              Filesize

                                              6KB

                                              MD5

                                              197087187c4e345006d368c3521334a0

                                              SHA1

                                              f0f4665191bd82496ae8d23c89541403fbde3f08

                                              SHA256

                                              9c673f212f5345916ff7f87fe8488e83c5825ee876e03e704dddb54e7808c84d

                                              SHA512

                                              58d12bb779cd1a5da1db7d1c58514964ef512fa1f8f01104c3cca0847616e4880ff45c5eeb0dfa8c787ae14b3dd994a9661418aca39c0e841468355eb31863ca

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                              Filesize

                                              7KB

                                              MD5

                                              e2200982991bd4c9055cb27dea1f0635

                                              SHA1

                                              bb885268e10464f0954e01bd98b983ddbfb54262

                                              SHA256

                                              9adc56af64ed5d72c5cae3c1401cb263dda6b17710438376cbe634fcb9a098c4

                                              SHA512

                                              ad2c37cc3bee3cdfed8af5a8f3ad5dcfebfd41cdfb5cd43dfd44dedc74ff855adab06656da261eb91a8cca4c92e82394d0d78fca983c57c294e6689b3ce9be08

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                              Filesize

                                              8KB

                                              MD5

                                              ad1c2a4ae1ce5631c2cfcdc705a355b5

                                              SHA1

                                              6d7f8afb7e03260d75bf2e1178ef4ea1bdf523d3

                                              SHA256

                                              96457bffc3e20afbba280f207d162e1e957d0275297f8aa76a7da9182d242e9a

                                              SHA512

                                              e11a645ec53e71c7da2b84966f021270b0d7567c5f6bbf448b0336370eae0544564ac07e4c88201d36eb69f66f80a60a86ce07ce07f68323cf9da649e1b109e4

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                              Filesize

                                              8KB

                                              MD5

                                              8319cd9c0e7be97ec79054adc666ef24

                                              SHA1

                                              9c0643f8176ffd6e58fe1471f825eca407cb8faf

                                              SHA256

                                              edbd2281a49783a4fb3290b4caf59c1dde6c5c5b583a5ccd9f9ac1916b9c0037

                                              SHA512

                                              f28200a59052c90b6e09467e9760b31fa6fffee30997ec78ccc19decdafff1088b04990a7c398efd1e7b29e672f4cdabd9ed9c28e28851abf60c556db3689c91

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                              Filesize

                                              8KB

                                              MD5

                                              befa212382f67e07c9d976720292739e

                                              SHA1

                                              6550ce2ab30fca226374cd69c7a4bcb367fd3d37

                                              SHA256

                                              ef3935591f52a494bec6841d2caffdc89128897abdeab0c0c3567b0b77116d9c

                                              SHA512

                                              25df668f70a6310ae806d129b215a99c504252142bb02d6cddc6b645b3708bab0c298b0eae4fa1f1cb8e4db554355d0c806d7bccb95558157bffa51a5658651d

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                              Filesize

                                              4KB

                                              MD5

                                              095c049823daf0a55eca08ac8a3c5307

                                              SHA1

                                              2246bab550f6b7610033b1e052ea5b32850a0aca

                                              SHA256

                                              d939754aa156aa6e7d47ad609f468a52b489df86d99e04ea0f92a87a229fedc5

                                              SHA512

                                              ae4cae91712410457fc7f7b787a6a67369b4d9c3048d72edf2022d2b43c4fea3f023636b19972b5fc3e8ac5eabed62b7e71d8a9ce42bd4b2bed3de1b3f799563

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
                                              Filesize

                                              24KB

                                              MD5

                                              1463bf2a54e759c40d9ad64228bf7bec

                                              SHA1

                                              2286d0ac3cfa9f9ca6c0df60699af7c49008a41f

                                              SHA256

                                              9b4fd2eea856352d8fff054b51ea5d6141a540ca253a2e4dc28839bc92cbf4df

                                              SHA512

                                              33e0c223b45acac2622790dda4b59a98344a89094c41ffdb2531d7f1c0db86a0ea4f1885fea7c696816aa4ceab46de6837cc081cd8e63e3419d9fcb8c5a0eb66

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                              Filesize

                                              16B

                                              MD5

                                              206702161f94c5cd39fadd03f4014d98

                                              SHA1

                                              bd8bfc144fb5326d21bd1531523d9fb50e1b600a

                                              SHA256

                                              1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

                                              SHA512

                                              0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\CURRENT
                                              Filesize

                                              16B

                                              MD5

                                              46295cac801e5d4857d09837238a6394

                                              SHA1

                                              44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                              SHA256

                                              0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                              SHA512

                                              8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001
                                              Filesize

                                              41B

                                              MD5

                                              5af87dfd673ba2115e2fcf5cfdb727ab

                                              SHA1

                                              d5b5bbf396dc291274584ef71f444f420b6056f1

                                              SHA256

                                              f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                              SHA512

                                              de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                              Filesize

                                              10KB

                                              MD5

                                              eb58b99dbcb04345ea4217c5e047ef51

                                              SHA1

                                              4ca1db9a363fe1c9a8fa9d453fd45fbea2a43d54

                                              SHA256

                                              4db791e080ecc5a3f85c83b2d37235746cbe66b29da3da0d6dbb03dd73f2c37e

                                              SHA512

                                              56ebfed3f8d182d3e489b8edb0a7ae360e12ef12d0293cfd5e30edd8974e272ccbc266c1d50ec307f49edaf23b66668d8a642318368d51a9b27c0a2dcc1b8432

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                              Filesize

                                              12KB

                                              MD5

                                              f276647d384da2dfbd48582e8ede630c

                                              SHA1

                                              1ad1333d5f9501445720f92d82db7778f35faf7a

                                              SHA256

                                              0b213bfbb1392b1d71c57a40296a9770cc8657f87f9810fe301d5428e73f0a4d

                                              SHA512

                                              a0f3eefe3af19afef5b907f120617d481ec540d5697b282c12c3ff91f597b609376add40b8f8690344390d2e9c0322c9c432ab3a8a0f1a372b0a1a51c49ee8f7

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\TUIJN6ZA\suggestions[1].en-US
                                              Filesize

                                              17KB

                                              MD5

                                              5a34cb996293fde2cb7a4ac89587393a

                                              SHA1

                                              3c96c993500690d1a77873cd62bc639b3a10653f

                                              SHA256

                                              c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

                                              SHA512

                                              e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

                                              Download Submit

                                            • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
                                              Filesize

                                              3KB

                                              MD5

                                              bfc4a75e79859ee3c92389bd19e2fd03

                                              SHA1

                                              57082c47dde1ca9c38220287146ad06819169b45

                                              SHA256

                                              393403fbfc6169d5df12924ceabf423e34950985ed2d1f987be6979c6f75d3e4

                                              SHA512

                                              04f7636f640c0e6d10e5f937661fb46067d42b9f507fc1b693f18544d1bb33ae7edca9633079e87745d4a09bf5f0d93655eda4406d1d656cfe7d54ad106a6fbf

                                              Download Submit