hxxps://twitter[.]com/santimentfeed/status/1712496196189851851

Analysis

max time kernel
163s
max time network
182s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
14/10/2023, 09:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://twitter.com/santimentfeed/status/1712496196189851851

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4824	msedge.exe
4824	msedge.exe
1660	msedge.exe
1660	msedge.exe
4864	identity_helper.exe
4864	identity_helper.exe
7936	msedge.exe
7936	msedge.exe
7936	msedge.exe
7936	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1660 wrote to memory of 2224	1660	msedge.exe	85
PID 1660 wrote to memory of 2224	1660	msedge.exe	85
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 976	1660	msedge.exe	88
PID 1660 wrote to memory of 4824	1660	msedge.exe	87
PID 1660 wrote to memory of 4824	1660	msedge.exe	87
PID 1660 wrote to memory of 2348	1660	msedge.exe	89
PID 1660 wrote to memory of 2348	1660	msedge.exe	89
PID 1660 wrote to memory of 2348	1660	msedge.exe	89
PID 1660 wrote to memory of 2348	1660	msedge.exe	89
PID 1660 wrote to memory of 2348	1660	msedge.exe	89
PID 1660 wrote to memory of 2348	1660	msedge.exe	89
PID 1660 wrote to memory of 2348	1660	msedge.exe	89
PID 1660 wrote to memory of 2348	1660	msedge.exe	89
PID 1660 wrote to memory of 2348	1660	msedge.exe	89
PID 1660 wrote to memory of 2348	1660	msedge.exe	89
PID 1660 wrote to memory of 2348	1660	msedge.exe	89
PID 1660 wrote to memory of 2348	1660	msedge.exe	89
PID 1660 wrote to memory of 2348	1660	msedge.exe	89
PID 1660 wrote to memory of 2348	1660	msedge.exe	89
PID 1660 wrote to memory of 2348	1660	msedge.exe	89
PID 1660 wrote to memory of 2348	1660	msedge.exe	89
PID 1660 wrote to memory of 2348	1660	msedge.exe	89
PID 1660 wrote to memory of 2348	1660	msedge.exe	89
PID 1660 wrote to memory of 2348	1660	msedge.exe	89
PID 1660 wrote to memory of 2348	1660	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://twitter.com/santimentfeed/status/1712496196189851851
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd592546f8,0x7ffd59254708,0x7ffd59254718
  2⤵
  PID:2224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2204,12762578953800170200,14771478231735196984,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2204,12762578953800170200,14771478231735196984,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2216 /prefetch:2
  2⤵
  PID:976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2204,12762578953800170200,14771478231735196984,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2692 /prefetch:8
  2⤵
  PID:2348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,12762578953800170200,14771478231735196984,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3648 /prefetch:1
  2⤵
  PID:2372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,12762578953800170200,14771478231735196984,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3696 /prefetch:1
  2⤵
  PID:3024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,12762578953800170200,14771478231735196984,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4680 /prefetch:1
  2⤵
  PID:3196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,12762578953800170200,14771478231735196984,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5336 /prefetch:1
  2⤵
  PID:2216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,12762578953800170200,14771478231735196984,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5904 /prefetch:1
  2⤵
  PID:3252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,12762578953800170200,14771478231735196984,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5732 /prefetch:1
  2⤵
  PID:5116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,12762578953800170200,14771478231735196984,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6276 /prefetch:1
  2⤵
  PID:4204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,12762578953800170200,14771478231735196984,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2984 /prefetch:1
  2⤵
  PID:3028
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2204,12762578953800170200,14771478231735196984,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6236 /prefetch:8
  2⤵
  PID:4396
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2204,12762578953800170200,14771478231735196984,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6236 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2204,12762578953800170200,14771478231735196984,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6976 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:7936

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2468

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:64

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
3d8f4eadb68a3e3d1bf2fa3006af5510

SHA1
d5d8239ec8a3bf5dadf52360350251d90d9e0142

SHA256
85a80218f4e5b578993436a6b8066b60508dd85a09579a4cb6757c2f9550d96c

SHA512
554773c4edd8456efaa23ac24970af5441e307424de3d2f41539c2cf854d57e7f725bf0c9986347fd3f2ff43efc8f69fd73c5d773bbfd504a99daca2b272a554

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
eb034bfef8928b64042ef831c3861e9c

SHA1
be1a4fd898db00019690f35ada3ac6508fc205e4

SHA256
cf1404bfe42a981843cc2fffad89a75f9fbf161411e7031fa1ee2c6d58f8136a

SHA512
3bb8049d2dd277c14527dc2e3255e8a56c3a30abd0d228bc3dd88973a2fff7e4615b604eecc0f402cd5782f540c1c8fe23056f6bbf5ffba8e6a434fe84527752

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
bc5a69d2a5bb74fb1d3b3a3539e9825c

SHA1
ffcd02017805cce031b0df689b1fd1228ee0b4d3

SHA256
bdbef80d147ff6b707101afc5c96d30bf204baf980427c1f548de741f29acf3d

SHA512
4688453de00d29b99a229aabf8d8a6bc63ec8733f74d89cd2f8086d72243cc2df704fd98498f96b85a7edc3caac4fc2d2a3e4dba8ee6cce7649ec78bc8a67b45

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
aec62e5ec82c0983d98e33ebf7706689

SHA1
3acad73f8fc8e647536cac30039fabae7b182a54

SHA256
9535bab376e28024a58f6351252eabcea7af2115b7382f5ba90068cfe48f6f43

SHA512
fb5fb2d10cc8b49da1dc71730c9e006ea81592daa37064434f25e302300457a445092ddc2c575663fc09d3099e0bf0c59ffb5bf1064a5f5c12420885130a5e5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
728ba5e79f83724c593ba66aaf3b8b77

SHA1
88f833605ed54547c1f12159f1a3036a0186c480

SHA256
fdd02ff6ce14495b8b1c6c266cb54abb722e53e2ae92a7fcceebb1bc37c2e0ed

SHA512
a73055c99c396ee4c82bc0cf56cfba8b46fe86224d33ee544783285aec0a42bfff24b815bfb17d51b6edb10eed11e210cc0f10a94b2b08a4ac1726d9d008c6fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
44c4385f165c21de86b3db5dd08a0e8b

SHA1
b443fd6f50ae42437af068f31cde4983fdfd4c7b

SHA256
1dd509a7d375a931ab606f5464a9e1ceb5a1f43c440ca83d402133ab41b43acd

SHA512
bbf9e003553a1cf8932481e45e938796bd83da7af1e450a5cce9fd9bf0bb58b730e3b8a5ae20988c0c96d7efd3ae17faf3145505a560c4225ed8a941faec0d5a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
496ba0b75b72b7e004af7bcae6502f47

SHA1
56e8bedb09b2474237f0ef3db92d28b5856dc23c

SHA256
deaef5ef75f985c8acccbb69885afca850f7a0c07406815e220e85b48738d9f7

SHA512
100283bba73d553dd95a9fe3925060e22e7d94e375dd3d9ba9e8fa5cd3f8daafc82468d2fd103ac22e4889293e506151a364ae312274c57c6208305abfd7cc99

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
d985875547ce8936a14b00d1e571365f

SHA1
040d8e5bd318357941fca03b49f66a1470824cb3

SHA256
8455a012296a7f4b10ade39e1300cda1b04fd0fc1832ffc043e66f48c6aecfbf

SHA512
ca31d3d6c44d52a1f817731da2e7ac98402cd19eeb4b48906950a2f22f961c8b1f665c3eaa62bf73cd44eb94ea377f7e2ceff9ef682a543771344dab9dbf5a38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\bbcf437a-6d7c-4b78-9f16-db4ed56ba846\index-dir\the-real-index

Filesize
9KB

MD5
ece24d0e42d96bfc4bd1bffb1ead0aaa

SHA1
ec45324eee6f6e413b6977c07cd12fbe99e74f43

SHA256
da0115007693441d8eaf1be4de76d22f9e4c14020df6e4bbeb631670af14f915

SHA512
f237e35dc2f941d19358cd541610d50d8402c9022165375da59c90c259e5022fc2f2e2c9adff093188b2cebcb49c06ce965b516df518f89beb141e94c4881133

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\bbcf437a-6d7c-4b78-9f16-db4ed56ba846\index-dir\the-real-index~RFe5a904b.TMP

Filesize
48B

MD5
004f6d623d7607bfdb513cdaf0ad3dd2

SHA1
545ecd7e6f2779b554a945ab81ecfbc1a9a48aa8

SHA256
1c148f0a2a7b1d028d37bb9b5b7d358b6fbf92e7207018f3381e34566883f074

SHA512
61dd5fdd11a3c72e84e4f31c01edc880289d9be444e85e9334d3204444c1986e132c711e180365542f666c82e9edff34d0533c0e3f8131a079b0e045f3b92e16

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\fe797255-0f2c-4212-8ea1-fd09806fbd61\index-dir\the-real-index

Filesize
72B

MD5
b8f570994a40002cb949f0646d721966

SHA1
75b44bcbe5e8b433d793b3b56268c5433760c17f

SHA256
2ac5e79f73fbe684bac9e7feafb402f39d9de9df174ed22628f5a2400fa0e0a6

SHA512
f208005b3c1a8c4a7e8b23befe66d744cd8589b24dd005cdc6be2da3b5a33918b7fc3599cba8570db4b4780913dcfa513400fb4ee47a8eaaba55c77d81e14620

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\fe797255-0f2c-4212-8ea1-fd09806fbd61\index-dir\the-real-index~RFe592ef6.TMP

Filesize
48B

MD5
c0bef16bb75c6b26cf84f8aad683ad64

SHA1
95bc782731a58057c2f10827a65ab733ca93d264

SHA256
b23a34c3ff867f263f7293effcb0714cc06e5499ab39620f536943e9b47827e8

SHA512
08ba62cbd796d075f99a1af96b23c3a1995233613a04121d1cb3d9f68048fe1dda8c5af246d25378e73cf9d22a3ec9cd248668454afec504a271a92ccbb7f14c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt

Filesize
140B

MD5
7bee23f4823d98c49b904e575810c79e

SHA1
419534a078ceea645ef5f5211bba201f25d414d0

SHA256
43566d167b21c5229c47a96e3a082931d8453c52683ba59306b172516adcc3af

SHA512
d396a624daef5ffab9f1d502eff5f69ed76565c1f594f3bba51f6d44094b111e55d29e03b056754be75a6f2818f4f276a76955c52249935b2e3b7518f5d9869e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt

Filesize
138B

MD5
e30df6d37fffeeab714f5c30ca382494

SHA1
33bdcfdac1955be5da25f64a51bc6f66fb7e2487

SHA256
02964e95d5c392e5cc313ffa29c4ca9f0a1b89b88902422af9677ca9a463b537

SHA512
1bec35d718cf7771ffcd838876f1656944b22a9aa5cc1938d71076db1a518802db6bc9ba96a6a4ff03e28ddc0159cb1c7b1254e2662008dfd9303375cc0c3b29

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt~RFe58dda9.TMP

Filesize
83B

MD5
fa3aa15dd15e1214b1c9f036ed56ed61

SHA1
7a7513f6089540a90247bbc56ac1075c8ca683ab

SHA256
321e4216b19874ea2a32705d72caae06f5532652a2c70ba71b2e4d240af9f96e

SHA512
2502a61b0cacbbabb75a57aaf3860b01a46ee23982321f32139bd618e2755880b937eae809a50340f85ac460e68770f57c859537e0d02e809f8a21e2425aa047

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
e7d914a73f7257f56313c6ad7e81faf8

SHA1
6b35bc3c3187453213755cce8670f859b6c3867a

SHA256
3e3de28fef999de6df25bc8859d71e1e2743c49d93856abbed359edd5c57b119

SHA512
89328e550cd35326d2831afb5bdb579c6c8559c20530f0a4f6850450cb36dffd2de4868737c752ca6d7e3b24823f85ea1206817670f0589c5f96c04e5ec90f6d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe592c56.TMP

Filesize
48B

MD5
830ce7384361d2ab6b1593b60fe108bb

SHA1
666d224fd8034cab1902e8875c63cec5e9ef5390

SHA256
d9f1b92aae8d574236ee0b256ff7441e2891318f5e1c2fde18ddd93b2050f4d4

SHA512
939cc6e68a6679c8abc2b28034e87b78f757f0b2c3889e191c1211210bd2518025e3e50ab9e5257bc54bd06f8c97b35cf0d8e42301f0c3fc362baa737896049b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
f14cc64a2872947bb846d958ddc1afb4

SHA1
e37a6b63c952368998f9f01ee0dbc67e0b61a7aa

SHA256
2214580fb3c32675d4eefae323bd839e96ca4041adb01981ca490d2c380c7da9

SHA512
5c33ed1c26259ee7defb1068be5cb3bdd1749a113704b98ca8678c154953f97115b110d73dfa44b7007617531714429822d49409eaeb07e0626766b4aead88cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
e5fd782e6541dae31c1ddfac86b51564

SHA1
d2571173ba3fead7ee57f2573f42e4950686d068

SHA256
2e3e6faf46c46d6c5cb90af1fd368efbfb6f19e4c807d72df4a9af818a6fa0ba

SHA512
3082b4f256906d3dbc72f80e0d0032aa6259340db68684a4bf2222ec094500255d015ff948dae3ad818414d9b9b2d73d5ac74e87984410dc2b479bdc95e5124f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
fe3a046e2205b1f9b444dfaec9b0371b

SHA1
c1f95c26205f52deb1ff8db21ed8ad48e23a3e25

SHA256
3918b7ca3a29011fcb971abcd1872927e5962290754deea757ed4785226de6f4

SHA512
6ec8e9bd5565fcf1c73aa1c8efc8c1744e1ae4ff55c11583a6fd6ed4abf26d3165af2b6e5c00511f2aac2a468f53e4ae0a47ec7cfedae2fe4f886f601aff427f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
fd7157514cc53ed2d09cf0b0e18aeb85

SHA1
904d33cb75c3751d3c6ab5f498ffed166fa3e780

SHA256
ad39d24dfc01588f2115f8f806d08b12ec299ab585cf0158db6c61ee7a546546

SHA512
80973453b8a02d3d42beb413010b92920c2eb655c261fe09c0a4ab940cdcfd40346b570f9120c8d26d6c77baa7733f5672037ba7c00a73592e5a6ac0804db353

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
d406009f7e56e05be61f44f681ab4c54

SHA1
755dfa7364556dfbd90fbf0f0ff907bbdc7c2606

SHA256
26b228d8fadd862d32184e1ab287bb925205515336f488956bab8c5f5c8b5543

SHA512
70b02417a799da35bde29e5cb24d32241d3644c3968be85827bc0a5086020c3c297670f00a9e653d451c9ef77bc30b54df8ea2af11bf71f06fa611236a794499

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
4454493552796a76adc1b5ad11e5134a

SHA1
95f9bf1967bb89997bcbe7afc009c03541eea2bc

SHA256
7fa0f70322c7f8de2abe46d6829a0eee135ea5ed4e71d770896f82dcd7a9299a

SHA512
c85a4ef81a94ddb959f6bba08a792753d154870b00920118a2a249f994297a1c2240aa1aa3c664190fefc066ebb7ff487f6a630be825aed1995d27b0e5e9c72f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
fb44846bf7218c03ac145d893c20b7dc

SHA1
c5072555b9e6584cd34412a1d117dca4cae6816a

SHA256
54e544b0be3188df9994c76233b47fcd5e9807adfdf64b7412c6ac32daa731c2

SHA512
0f7fe4c7f1fed6a95dc7e7a26afc29a5f191a41e353e47e8371b0fc57eaacab94067b34c1c8d02270205c68af2d284f8365561583ea69a2bf9b4d71cd4efdc7b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
745655ac38c1125aafe3d8f803f8ee6c

SHA1
9a0444448879f5bb3ddfe3d5d8b08e5573144765

SHA256
888021cdf12f4cc0c84aeebbebc7c8f4041c07389bb2698391b34bdb232ea638

SHA512
5b20a570a1de222104a8c3af3d981a72602fdddedadbd06b268896d58ab544a9c4703bfdd88f3159c62d89427bb12ab9fe92518469b4915b2d0b4784f75c31c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
2d5f19f57521fd8b1de121fabd3d8c3c

SHA1
3033cfb70f9c42f560e4d1e8556163e3c24d73ca

SHA256
dc1c7c988f0bea221891cded6254b5fd5ad4da5557ba6edddb1b975ec6389764

SHA512
581c5cf6bdef1d99312cd4e989653f388c6bb1f7b81774afe97eaf7d03ef5aa354bdb0c412203723e08bfd803af29e413b36f927694479ff30efbce7a67a188e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
682fcb58655a0d8f9a3acc72a5a5463e

SHA1
d12210dff1e38730939715c569ac778607d721d9

SHA256
6ba167dc10008c55734f716b25911428a041771ad8784e525ddb25dd0506e2f7

SHA512
b156246276399ed58cf1ab2aeb320980600004a6056ef6c588a4a4dfbea1fca90efd8b87878bdd5a51370677d31a01615d8b834ff689549961c6261245f909e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58e692.TMP

Filesize
204B

MD5
3389e7b51c525a308806a48b74707395

SHA1
4a8b5de5c9e630014b272a6846b13e65d34b9a2f

SHA256
c2f7cee68692450735c3237649c31778e4007b06a6cbeae5edd4c591f2965c8b

SHA512
a736e26d26f8ae4795d45db69ac968c99314edd6f91ddd491590bb74352fc269c0856d6d55404f7a7711f9c06c5c811691d2aded07b92d7ae197a6e9273de08f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
83cd182b8dce80b65ca872c1608a56b8

SHA1
938b6d7c0bb20dd89f3e34ba8d8129d81c8f4379

SHA256
c2ce6487842b0237205f27ecb2cd11d07703189c87e9db026bc3befdb74e8357

SHA512
1be83b33bc914e07214af08c5130ca122c18ebbaaa9fc7f46a09c483ce28d3d2f7a14b122ef93a70b39072c32a0d1a3ca59c55eab6604e7fc5f0a1408bf2f830

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
10d48560b860fc2c4f87c16b4f8bfe9b

SHA1
09e358f0fa0c575d6e9e9faed4ab5aca7be62e30

SHA256
565b5965e8c0b75cad4f1ff2588a803a3cc82a521983bcb0f864cf11a36e156a

SHA512
099376df1c8425b095ded92eae83eda56331b4f87122a370439cfad3d5e3d6c9eea923ed440bd958825cc39a949bec615707a519a19248612088b1353fc44cfa

Download Submit