hxxps://www[.]zalando[.]es/ropa-de-mujer-camisetas-y-tops-=ebajas/?camp=es_summer_lastcall_cw32&wmc=CRM34_PRD_ES[.]ONL_SBS_PMT_=M36_036_230822[.]&cd084=campaign_cta_ern[:]campaign[:]cfa[:]ff4130a1-754c-43=8-b683-d7c41f9e0b05&cd085=b322e202-b89b-460d-9d5e-980d0001467c&w=_cd=2c4f91d8cd58894bc3b2326861e0ac39&tm_hem=908baf25f07f6938bc3957=c312bed4a

Analysis

max time kernel
259s
max time network
296s
platform
windows10-2004_x64
resource
win10v2004-20230703-es
resource tags

arch:x64arch:x86image:win10v2004-20230703-eslocale:es-esos:windows10-2004-x64systemwindows
submitted
23/08/2023, 12:51

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://www.zalando.es/ropa-de-mujer-camisetas-y-tops-=ebajas/?camp=es_summer_lastcall_cw32&wmc=CRM34_PRD_ES.ONL_SBS_PMT_=M36_036_230822.&cd084=campaign_cta_ern:campaign:cfa:ff4130a1-754c-43=8-b683-d7c41f9e0b05&cd085=b322e202-b89b-460d-9d5e-980d0001467c&w=_cd=2c4f91d8cd58894bc3b2326861e0ac39&tm_hem=908baf25f07f6938bc3957=c312bed4a

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1556	msedge.exe
1556	msedge.exe
1156	msedge.exe
1156	msedge.exe
2532	identity_helper.exe
2532	identity_helper.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1156 wrote to memory of 2828	1156	msedge.exe	55
PID 1156 wrote to memory of 2828	1156	msedge.exe	55
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 2056	1156	msedge.exe	84
PID 1156 wrote to memory of 1556	1156	msedge.exe	83
PID 1156 wrote to memory of 1556	1156	msedge.exe	83
PID 1156 wrote to memory of 3748	1156	msedge.exe	85
PID 1156 wrote to memory of 3748	1156	msedge.exe	85
PID 1156 wrote to memory of 3748	1156	msedge.exe	85
PID 1156 wrote to memory of 3748	1156	msedge.exe	85
PID 1156 wrote to memory of 3748	1156	msedge.exe	85
PID 1156 wrote to memory of 3748	1156	msedge.exe	85
PID 1156 wrote to memory of 3748	1156	msedge.exe	85
PID 1156 wrote to memory of 3748	1156	msedge.exe	85
PID 1156 wrote to memory of 3748	1156	msedge.exe	85
PID 1156 wrote to memory of 3748	1156	msedge.exe	85
PID 1156 wrote to memory of 3748	1156	msedge.exe	85
PID 1156 wrote to memory of 3748	1156	msedge.exe	85
PID 1156 wrote to memory of 3748	1156	msedge.exe	85
PID 1156 wrote to memory of 3748	1156	msedge.exe	85
PID 1156 wrote to memory of 3748	1156	msedge.exe	85
PID 1156 wrote to memory of 3748	1156	msedge.exe	85
PID 1156 wrote to memory of 3748	1156	msedge.exe	85
PID 1156 wrote to memory of 3748	1156	msedge.exe	85
PID 1156 wrote to memory of 3748	1156	msedge.exe	85
PID 1156 wrote to memory of 3748	1156	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.zalando.es/ropa-de-mujer-camisetas-y-tops-=ebajas/?camp=es_summer_lastcall_cw32&wmc=CRM34_PRD_ES.ONL_SBS_PMT_=M36_036_230822.&cd084=campaign_cta_ern:campaign:cfa:ff4130a1-754c-43=8-b683-d7c41f9e0b05&cd085=b322e202-b89b-460d-9d5e-980d0001467c&w=_cd=2c4f91d8cd58894bc3b2326861e0ac39&tm_hem=908baf25f07f6938bc3957=c312bed4a
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffd9c946f8,0x7fffd9c94708,0x7fffd9c94718
  2⤵
  PID:2828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,168802443859229021,3311928808191385308,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=2172 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,168802443859229021,3311928808191385308,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
  2⤵
  PID:2056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,168802443859229021,3311928808191385308,131072 --lang=es --service-sandbox-type=utility --mojo-platform-channel-handle=2676 /prefetch:8
  2⤵
  PID:3748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,168802443859229021,3311928808191385308,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3412 /prefetch:1
  2⤵
  PID:4516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,168802443859229021,3311928808191385308,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
  2⤵
  PID:2184
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,168802443859229021,3311928808191385308,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=5620 /prefetch:8
  2⤵
  PID:5104
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,168802443859229021,3311928808191385308,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=5620 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,168802443859229021,3311928808191385308,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4924 /prefetch:1
  2⤵
  PID:4292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,168802443859229021,3311928808191385308,131072 --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:1
  2⤵
  PID:976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,168802443859229021,3311928808191385308,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3544 /prefetch:1
  2⤵
  PID:3404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,168802443859229021,3311928808191385308,131072 --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3436 /prefetch:1
  2⤵
  PID:2548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,168802443859229021,3311928808191385308,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5820 /prefetch:1
  2⤵
  PID:2912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,168802443859229021,3311928808191385308,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5012 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2672

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2176

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1992

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

Filesize
1KB

MD5
55540a230bdab55187a841cfe1aa1545

SHA1
363e4734f757bdeb89868efe94907774a327695e

SHA256
d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

SHA512
c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

Filesize
230B

MD5
875ff767b28ee206a0fbe09701ddfab0

SHA1
72f8d9e81b079564b3c41dca34a2af29a22b3e2f

SHA256
40fb08ed3d83ed4f9c5beb3aea2d7dc15729940a017c95c9b53140185ddbb0db

SHA512
3477b4bab53d2bb84fde68a7973995488961b2a75a5d8daa435eb342ebf1e3cf9ac73f76a981641d271c8c27167700007e7ed9249c30148833a76188dac3cbcf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f6f47b83c67fe32ee32811d6611d269c

SHA1
b32353d1d0ed26e0dd5b5f1f402ffd41a105d025

SHA256
ac1866f15ff34d1df4dafa761dbb7dc2c712fe01ac0e171706ef29e205549cbc

SHA512
6ee068efa9fbd3c972169427be2f6377a1204bf99b61579e4d78643e89e729ad65f2abcc70007fd0dd38428e7cd39010a253d6f9cd5e90409e207ddaf5d6720d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
552B

MD5
818b9df195e68feebe0c2d70e0ef0abd

SHA1
39c22971e7cac02f81c97ebaaaf9892b91244df8

SHA256
c2c7f7f05957156b4af3433fe628f99515550f273619523e4635d85c7b6a2fef

SHA512
c18f40ec974b0564c225d439b79d2d3a46c73ae656f1d8950927ddbfbb83c62dc4e6872c4523c5363e0c54cc0dcea6339ea94c6654734da0a4ce16eed371406d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
d5e3ed4f93790368fa421ca0e610c127

SHA1
ac7f42b365673b2640ee35e6cb9e92ef5c5bc1e6

SHA256
f3d66c39c1efa4a4ac7ff2f0b1129347e6f8459501c2ef04c4304902e4546cbd

SHA512
e2358f7935afe72977dcacccffb637b4fcf79d968bc07d0d5fc3fb6b780685159062350bec56fb92f1baf644bf6981de9da20fdc51809d69572c78d269dfe8ad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
b512da5e81fa4ee2889400bcc47f4b03

SHA1
81c84557c2d8a51d3fc930befd5fd17066c37cb9

SHA256
5554043a1efccf513d9ff41706c8e01b3187edc09abffdf8a73c0c8690161f46

SHA512
f621a9b89720dbaef1cba5093c3fdb734aadc9f3650c093c1302c3b5ed4585ec0964a434c9a75853aa78c89109e16aa86bae9dcc175237d186a44ea369f1de43

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
222b25b9f0319ed085a23ba151ac99ff

SHA1
b4db54148b3baf3c0f4bad1fec6bb49cc1f39cf2

SHA256
9470dbb50ca7c1999957db56d25d318a21b666ed0c91350532a08255db011fe5

SHA512
2aa602e808ae4037d8492dae85202ca0bb498e46022aebf9415db11ad22f57796c233f93ef58d7fb9b11406928cf4e339f53b359b2d8e08b02f878295818a19e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
5544c64f2a8f49dabc19eb84267b1c9b

SHA1
c5b78d63a8bab1c7b985f7ea2f268d0d7809071e

SHA256
a1fcfee2974a77e76a7431a2069db301861ab42dd41769cead8697f41f5a497f

SHA512
38c80d7c810441fc87beff38929473088cf426b0a25a30820d8a060f493350d99bb8521b314afe00578ea54648fce2aa4e55880a83a4f1048c56307991726565

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
4145c94fc5e50b239d5a5934f0a1fc27

SHA1
a0b14386b6f739bc65a1acaa788e7bb5fecb94e1

SHA256
1a80b1d4a6034c08a14471899c97228aa76f3ac51b9afc524920d705fcd25556

SHA512
9dc6b1e60f40c331758f4b50bdf0485806bd1b625d81cda18413623fba129456a47450f64c8612d7f06e455e7dd535b72f710bcbf65390bd661c8b2ae890b123

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57f2bc.TMP

Filesize
48B

MD5
659c68d3a3ebb5b0b4922a36b8d13803

SHA1
6b079b7430a46161f96bb0611b0d6ac70b2c9b27

SHA256
19259a78cc3f69c966d1b074c59183aa73eaca91d4805bf84884eae348d5de85

SHA512
813f15b0ef99d0453616e1198536ae28da7d6136e81c7dfa94a67aa374d9d1239d0bc2760e48d6aa13bc59162554d1089ce4693fa6444ac13cd3594b8c76ee35

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
b606c8540427951b83e2f63ecda03cb4

SHA1
f794057abd462486ddb775fd11966e5ff3bc10fd

SHA256
30b45dbae96e561adebe5a0d1bfe252e8e18655d8b8655e480f8600e177922bb

SHA512
95b7b97a4d8bdf29159e0b7a65c7e12ca82003c4207c2e68b2874e0cd7235788b4dac44638c2ea255394155dfc54fd70dbbfb080df87ccfedfd221fd4c01e19a

Download Submit