hxxps://bruraltop[.]jimdofree[.]com/

Analysis

max time kernel
146s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
01/10/2023, 23:41

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://bruraltop.jimdofree.com/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3308	msedge.exe
3308	msedge.exe
2952	msedge.exe
2952	msedge.exe
4348	identity_helper.exe
4348	identity_helper.exe
2964	msedge.exe
2964	msedge.exe
2964	msedge.exe
2964	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2952 wrote to memory of 544	2952	msedge.exe	49
PID 2952 wrote to memory of 544	2952	msedge.exe	49
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 1748	2952	msedge.exe	86
PID 2952 wrote to memory of 3308	2952	msedge.exe	87
PID 2952 wrote to memory of 3308	2952	msedge.exe	87
PID 2952 wrote to memory of 468	2952	msedge.exe	88
PID 2952 wrote to memory of 468	2952	msedge.exe	88
PID 2952 wrote to memory of 468	2952	msedge.exe	88
PID 2952 wrote to memory of 468	2952	msedge.exe	88
PID 2952 wrote to memory of 468	2952	msedge.exe	88
PID 2952 wrote to memory of 468	2952	msedge.exe	88
PID 2952 wrote to memory of 468	2952	msedge.exe	88
PID 2952 wrote to memory of 468	2952	msedge.exe	88
PID 2952 wrote to memory of 468	2952	msedge.exe	88
PID 2952 wrote to memory of 468	2952	msedge.exe	88
PID 2952 wrote to memory of 468	2952	msedge.exe	88
PID 2952 wrote to memory of 468	2952	msedge.exe	88
PID 2952 wrote to memory of 468	2952	msedge.exe	88
PID 2952 wrote to memory of 468	2952	msedge.exe	88
PID 2952 wrote to memory of 468	2952	msedge.exe	88
PID 2952 wrote to memory of 468	2952	msedge.exe	88
PID 2952 wrote to memory of 468	2952	msedge.exe	88
PID 2952 wrote to memory of 468	2952	msedge.exe	88
PID 2952 wrote to memory of 468	2952	msedge.exe	88
PID 2952 wrote to memory of 468	2952	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://bruraltop.jimdofree.com/
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9cc3546f8,0x7ff9cc354708,0x7ff9cc354718
  2⤵
  PID:544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,5540141298495095392,11076826230445306892,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
  2⤵
  PID:1748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,5540141298495095392,11076826230445306892,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2484 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2112,5540141298495095392,11076826230445306892,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2824 /prefetch:8
  2⤵
  PID:468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,5540141298495095392,11076826230445306892,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:4080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,5540141298495095392,11076826230445306892,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:2768
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,5540141298495095392,11076826230445306892,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4812 /prefetch:8
  2⤵
  PID:2840
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,5540141298495095392,11076826230445306892,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4812 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,5540141298495095392,11076826230445306892,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5268 /prefetch:1
  2⤵
  PID:3236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,5540141298495095392,11076826230445306892,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4304 /prefetch:1
  2⤵
  PID:2488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,5540141298495095392,11076826230445306892,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3468 /prefetch:1
  2⤵
  PID:4992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,5540141298495095392,11076826230445306892,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5680 /prefetch:1
  2⤵
  PID:4864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,5540141298495095392,11076826230445306892,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3048 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2964

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:932

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4332

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F59A01A8B782D93EA6991BC172CEFFB1

Filesize
867B

MD5
c5dfb849ca051355ee2dba1ac33eb028

SHA1
d69b561148f01c77c54578c10926df5b856976ad

SHA256
cbb522d7b7f127ad6a0113865bdf1cd4102e7d0759af635a7cf4720dc963c53b

SHA512
88289cdd2c2dd1f5f4c13ab2cf9bc601fc634b5945309bedf9fc5b96bf21697b4cd6da2f383497825e02272816befbac4f44955282ffbbd4dd0ddc52281082da

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
330B

MD5
647b65203b10a17b39633592ae0ef761

SHA1
f511089e856314e15165a845d2e1557c5dc3246c

SHA256
220efd0bf68f403bf83e4545d14039c91261453444aa9b4e296170fc896a5e3e

SHA512
88d9fea24d133e42b3428bbf4bf9f3f06b10177a98dae98b14eafc5cbc06b6cb6772e88eedf7adc967035659adf169b60ac7cfc2784fff0260139a44da643ebd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F59A01A8B782D93EA6991BC172CEFFB1

Filesize
242B

MD5
346736d8b69610e5abe4cbcf3753d694

SHA1
43965d2b30721f4599bb0ae697b9ae50ce557d38

SHA256
46a068f729cadb42c7effdac0db7d16479778bcd33204d61527067d21700e46f

SHA512
0bfa863b5af17ac3ae2d4c9035f7496b504577977d23b43f4f0d1950c46ae1d6306c30270f75f742848fc8d2910479242058c0c5e9d028ab06e9c5d7094ce2bc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
16c2a9f4b2e1386aab0e353614a63f0d

SHA1
6edd3be593b653857e579cbd3db7aa7e1df3e30f

SHA256
0f7c58a653ae1f3999627721bad03793edc1e9d12e8f5253c30b61b8478f5c81

SHA512
aba1ed22c7b9ae1942d69a7cd7a618597300ae5c56be88187ddec6227df056f81c1d9217778d87fa8c36402bce7275d707118ff62d3a241297738da434556e06

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
7309ea558e174cfef27c8255f51a21e3

SHA1
e8ae19bae8e23e704105a584a529edc1c3761489

SHA256
75a5197fc6c0a61d9ff5013206543a759cc1f5cbf1e5966688d15033cf119926

SHA512
0781c3d23a1db415da9eb536ecd1a082631f4c41fd383ec8a62c3dfc9a2fb5e4529391c8cdf55ea42506c2ae8bbf21db193265bbed29b395ac49989f2504b8ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
335B

MD5
4811877ad339bedb878a4943bd82c7ae

SHA1
dbe20bf8538dca97709c5f07528ccb2071a92a9a

SHA256
ca9451b5bda1b13d2100b58eacdf2b9680998c351a2993259505fcba33fb0ab1

SHA512
f16f941bc337f285d703f0f6103fbfdc24b69b8b6004ccb6c76e0e176338bd6954aa3aa88738bd9488f38ad661030577e40e7acd1b6dde6036d02316702a446a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
4cdd2709227e765d04051b8deefd9e4c

SHA1
8f095807a952a560b1a497192dca3fca93be3f0a

SHA256
436c396edc5ce650bc7cc530fc8293cf83b74d8b0e4ff6cb7b1424bac9e0bed3

SHA512
e084701a65a96aa987d98df2129522cb67796e3fd580b5aa64554cfefa46a8d413f56d91fe1d70eb75585a63b8b86e139c6435a9c2be419f581d549c1c7a6193

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
2146b28d87a79d5a5dccb27f15848c01

SHA1
4da934f29fd9fac50403d86fa0596759c4b5b3ef

SHA256
aeff41f6b806a7de19e474ef4b7a5479f47c68616cfd2544c7ff63926bfe84ac

SHA512
d775a4d14366320a1086907a8ef822d568e465449e22612ff95a1c2a29d3aa1a31b59f7b0a30281753b68bb66b38c483c3ecf3bb2591b77ded218f17bf728eec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
128e7b294d33a59da653da90952a1dde

SHA1
73c20bb3149e23e8be18d43ef2c5be08e8bc5ab5

SHA256
a60cafc69176f8071bcf79045c0585e7d97d90f90bf0e2415a5ab976bca702f6

SHA512
9096c006eb131279324d858150a40008295635141908fda63113a15b2c5844314ee5d079f2c21e4d01491d88137fb0e538f5f98c6752a1ea478b41840cef52b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
699e3636ed7444d9b47772e4446ccfc1

SHA1
db0459ca6ceeea2e87e0023a6b7ee06aeed6fded

SHA256
9205233792628ecf0d174de470b2986abf3adfed702330dc54c4a76c9477949a

SHA512
d5d4c08b6aec0f3e3506e725decc1bdf0b2e2fb50703c36d568c1ea3c3ab70720f5aec9d49ad824505731eb64db399768037c9f1be655779ed77331a7bab1d51

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
371B

MD5
14702d5c3abf318a48533d04557291e2

SHA1
b189d55c8d772c5d9730dc8d91b87a6967509b53

SHA256
6bf7bc83c9ffa50ce07cc53126875d032cf9553991cebdc7d65036d1810fac90

SHA512
d2cc04a667dae4d851bee0f54967cb359cfabae16a4255ed32870660f230bc15edd99f26fd8f43c028c3c1cedd432d7f0bfb407af09e2b97d30465aa4439411a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57b90f.TMP

Filesize
371B

MD5
a42c0c7d35f6df1f0cbc61d53a88a78c

SHA1
72f5a50e083dad48f5008e9fd14369c72a3e854e

SHA256
54f2a78ce4ba227815f95f255ae5c465b21fd1c8e83e23008687ebe2f4546828

SHA512
6e9ca1ac54a6ed7737183c6ab61fa14b4f429038d49a7d8e69a55faa0de9fc26e2d0a6cb1d23b040af1d4dd91adafa72221057bcef8f0694e3b40870c1759d95

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
3da18e46ee285e6acb3803626752acfc

SHA1
2c70c9f62da5946eab7bb46ac9430b5b3acf327c

SHA256
41f41ca3790e7033a0f59132f194efdc86de9ea5c95ac840cd491a858f8712d2

SHA512
fe93c573ee7c144d2b4dd821aa303e8eafe9949426377a3ebda26854cf39bd7ad928243d3c00a918e28118ed8aa4bd1e234dad062037880affe39c195fc53803

Download Submit