Overview

overview

1

Static

static

1

URLScan

urlscan

1

http://3dprintingbri...

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/10/2023, 09:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://3dprintingbristol.uk

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 20 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://3dprintingbristol.uk
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4092
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffec4a146f8,0x7ffec4a14708,0x7ffec4a14718
      2⤵
        PID:2108
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2376 /prefetch:3
        2⤵
        • Suspicious behavior: EnumeratesProcesses
        PID:5004
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1948 /prefetch:2
        2⤵
          PID:4568
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2792 /prefetch:8
          2⤵
            PID:4564
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
            2⤵
              PID:1820
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
              2⤵
                PID:4872
              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5172 /prefetch:8
                2⤵
                  PID:4808
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5172 /prefetch:8
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:3468
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5256 /prefetch:1
                  2⤵
                    PID:4764
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
                    2⤵
                      PID:1196
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4728 /prefetch:1
                      2⤵
                        PID:856
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1
                        2⤵
                          PID:1360
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1
                          2⤵
                            PID:3620
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3608 /prefetch:1
                            2⤵
                              PID:4484
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5892 /prefetch:1
                              2⤵
                                PID:2456
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6312 /prefetch:1
                                2⤵
                                  PID:2628
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6180 /prefetch:1
                                  2⤵
                                    PID:4956
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5888 /prefetch:1
                                    2⤵
                                      PID:2124
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6744 /prefetch:1
                                      2⤵
                                        PID:3676
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6612 /prefetch:1
                                        2⤵
                                          PID:4692
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6472 /prefetch:1
                                          2⤵
                                            PID:5068
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7280 /prefetch:1
                                            2⤵
                                              PID:5156
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7144 /prefetch:1
                                              2⤵
                                                PID:5144
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7084 /prefetch:1
                                                2⤵
                                                  PID:5184
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7584 /prefetch:1
                                                  2⤵
                                                    PID:5196
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7612 /prefetch:1
                                                    2⤵
                                                      PID:5216
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1936,4934327275851348363,7845579239337965536,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4844 /prefetch:2
                                                      2⤵
                                                      • Suspicious behavior: EnumeratesProcesses
                                                      PID:4776
                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                    1⤵
                                                      PID:712
                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                      1⤵
                                                        PID:2212
                                                      • C:\Windows\system32\rundll32.exe
                                                        "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
                                                        1⤵
                                                          PID:4924
                                                        • C:\Windows\System32\svchost.exe
                                                          C:\Windows\System32\svchost.exe -k UnistackSvcGroup
                                                          1⤵
                                                          • Suspicious use of AdjustPrivilegeToken
                                                          PID:3320

                                                        Network

                                                        MITRE ATT&CK Enterprise v15

                                                        Replay Monitor

                                                        Loading Replay Monitor...

                                                        Downloads

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                          Filesize

                                                          152B

                                                          MD5

                                                          3d5af55f794f9a10c5943d2f80dde5c5

                                                          SHA1

                                                          5252adf87d6bd769f2c39b9e8eba77b087a0160d

                                                          SHA256

                                                          43e50edafcaaeae9fcd4dce5b99bf14fe79dae1401019443f31aa9ff81347764

                                                          SHA512

                                                          2e2e09a00db732ff934da1e6ab8617fb3c8de482f9667a2c987435d0a5d67550b4bfd66e8b4475012b60908c24e39dff58e2f2ffa55f13ffc55caae1be630c71

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\7cd57bf0-b551-4b1d-aa5e-e3ac2ac0ac56.tmp
                                                          Filesize

                                                          24KB

                                                          MD5

                                                          10f5b64000466c1e6da25fb5a0115924

                                                          SHA1

                                                          cb253bacf2b087c4040eb3c6a192924234f68639

                                                          SHA256

                                                          d818b1cebb2d1e2b269f2e41654702a0df261e63ba2a479f34b75563265ee46b

                                                          SHA512

                                                          8a8d230594d6fade63ecd63ba60985a7ccd1353de8d0a119543985bf182fdbb45f38ccc96441c24f0792ea1c449de69563c38348c2bedb2845522a2f83a149db

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                          Filesize

                                                          768B

                                                          MD5

                                                          e8dd295254f391b476dc0b35f0cb6db2

                                                          SHA1

                                                          cc7768d75f32b48efabac2a3786ebee2c7655182

                                                          SHA256

                                                          bfdca24b8defe0c8fc3b833c9fd166f6af491e9fa0b7af866947983239bd5d82

                                                          SHA512

                                                          169ab0b31442a7f71915fabdc961e94d6d9095041540473539b589a5f4bf2fbdbdbb3be7f87df785e9fabfc51eeef5f7e8174b2745b402569fb51bcd26754b3c

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                          Filesize

                                                          111B

                                                          MD5

                                                          285252a2f6327d41eab203dc2f402c67

                                                          SHA1

                                                          acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

                                                          SHA256

                                                          5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

                                                          SHA512

                                                          11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                          Filesize

                                                          915B

                                                          MD5

                                                          e961bdaba3e7c39c4f6ea302781ef364

                                                          SHA1

                                                          047a1fe36a2862b099d88d2905db6a7ae826c1a4

                                                          SHA256

                                                          6f9324e3ababfa1a707bb0e54bd6e3942d8cc719f19e9714ac728cf9c4f073aa

                                                          SHA512

                                                          0f9405610c04491b8cf23c06f60d2e99668bf1f32287247ea7336bfc9a35758569bf3ba0fb0c7949735bba55d196d2d444e1cfe523e1098b67a747f6f0f76361

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                          Filesize

                                                          5KB

                                                          MD5

                                                          df49321a64e0e1f6ae8f4a324d2d15d7

                                                          SHA1

                                                          25994b3e7c9195e562c646a5761bc47cb4836ff0

                                                          SHA256

                                                          ee9f465cf36715c2e8adf362a47ff1992864138b974952c24250226413a54a41

                                                          SHA512

                                                          2ce65d6e947aa0b13a94c5c1e0e36126c939a1db44502a7e94cfc6a4be54b63753058a58d85d2bbee84375b7f36d723261a41e8b3e7bf073c479b5bd44c552ac

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                          Filesize

                                                          5KB

                                                          MD5

                                                          be8aa05426194c3eadf70f5f07dc84a2

                                                          SHA1

                                                          36cb4b647b57954142bcddba4b1d4198227f55fa

                                                          SHA256

                                                          23506a6ed19a2d8e6a6889969a8af6ad3e63e00e25c8878f9f442dca72850367

                                                          SHA512

                                                          777ee159f2b753a1a260c22438f76fedbfc48d09bd89714b0c1557797ae4a709cf65d12834c8bdd5870d4a0fcf03958cce2cdccf4f7c75aeefd687a5ab082d94

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                          Filesize

                                                          6KB

                                                          MD5

                                                          8a82b5fc4f72c9bf77474d40aa4d7b83

                                                          SHA1

                                                          84f43bba6920c0f2bc1ce9724f121169ea4ac74c

                                                          SHA256

                                                          8ef976377aa8e8ba2ed842fcf2141154b94da1e66197c907a46e8ed3893d1f6e

                                                          SHA512

                                                          05732ffbb8a9f634f494d6d7cb11200479bc4cae2f2a773e29f1002430535faa61ab142fefcc05abe197d7d96c338d7f3630ff52f2ac6a4dd780a0efce63abff

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                          Filesize

                                                          16B

                                                          MD5

                                                          6752a1d65b201c13b62ea44016eb221f

                                                          SHA1

                                                          58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                          SHA256

                                                          0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                          SHA512

                                                          9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                          Filesize

                                                          10KB

                                                          MD5

                                                          5bd77b8abc5c4e181144a59c4db5cd63

                                                          SHA1

                                                          62d119622a2a19587b104d841c71542755c80d4d

                                                          SHA256

                                                          3a31570335cfdebebcd584d5af4339a089be5c54c73df0c709aaafceaa656da7

                                                          SHA512

                                                          9412c5208e9038e4f8f4954b945ca73535eca073ca90a7b83ac63e853664136a5d05658fc747b8e45e13dccbacbc99ff656b96406005a8a372c01e9ff14d122e

                                                          Download Submit

                                                        • memory/3320-212-0x0000023321A60000-0x0000023321A70000-memory.dmp

                                                          Filesize

                                                          64KB

                                                          Download

                                                        • memory/3320-228-0x0000023321B60000-0x0000023321B70000-memory.dmp

                                                          Filesize

                                                          64KB

                                                          Download

                                                        • memory/3320-244-0x0000023329ED0000-0x0000023329ED1000-memory.dmp

                                                          Filesize

                                                          4KB

                                                          Download

                                                        • memory/3320-246-0x0000023329F00000-0x0000023329F01000-memory.dmp

                                                          Filesize

                                                          4KB

                                                          Download

                                                        • memory/3320-247-0x0000023329F00000-0x0000023329F01000-memory.dmp

                                                          Filesize

                                                          4KB

                                                          Download

                                                        • memory/3320-248-0x000002332A010000-0x000002332A011000-memory.dmp

                                                          Filesize

                                                          4KB

                                                          Download