hxxps://en[.]wikipedia[.]org/wiki/Category_5_cable

Analysis

max time kernel
449s
max time network
430s
platform
windows10-2004_x64
resource
win10v2004-20231023-en
resource tags

arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
submitted
02/11/2023, 15:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://en.wikipedia.org/wiki/Category_5_cable

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4464	msedge.exe
4464	msedge.exe
4916	msedge.exe
4916	msedge.exe
4028	identity_helper.exe
4028	identity_helper.exe
364	msedge.exe
364	msedge.exe
364	msedge.exe
364	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4916 wrote to memory of 1648	4916	msedge.exe	84
PID 4916 wrote to memory of 1648	4916	msedge.exe	84
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 1580	4916	msedge.exe	86
PID 4916 wrote to memory of 4464	4916	msedge.exe	85
PID 4916 wrote to memory of 4464	4916	msedge.exe	85
PID 4916 wrote to memory of 4992	4916	msedge.exe	87
PID 4916 wrote to memory of 4992	4916	msedge.exe	87
PID 4916 wrote to memory of 4992	4916	msedge.exe	87
PID 4916 wrote to memory of 4992	4916	msedge.exe	87
PID 4916 wrote to memory of 4992	4916	msedge.exe	87
PID 4916 wrote to memory of 4992	4916	msedge.exe	87
PID 4916 wrote to memory of 4992	4916	msedge.exe	87
PID 4916 wrote to memory of 4992	4916	msedge.exe	87
PID 4916 wrote to memory of 4992	4916	msedge.exe	87
PID 4916 wrote to memory of 4992	4916	msedge.exe	87
PID 4916 wrote to memory of 4992	4916	msedge.exe	87
PID 4916 wrote to memory of 4992	4916	msedge.exe	87
PID 4916 wrote to memory of 4992	4916	msedge.exe	87
PID 4916 wrote to memory of 4992	4916	msedge.exe	87
PID 4916 wrote to memory of 4992	4916	msedge.exe	87
PID 4916 wrote to memory of 4992	4916	msedge.exe	87
PID 4916 wrote to memory of 4992	4916	msedge.exe	87
PID 4916 wrote to memory of 4992	4916	msedge.exe	87
PID 4916 wrote to memory of 4992	4916	msedge.exe	87
PID 4916 wrote to memory of 4992	4916	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://en.wikipedia.org/wiki/Category_5_cable
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8ae0446f8,0x7ff8ae044708,0x7ff8ae044718
  2⤵
  PID:1648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2152,7854283337472643222,2972623596142822129,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,7854283337472643222,2972623596142822129,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2
  2⤵
  PID:1580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2152,7854283337472643222,2972623596142822129,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2908 /prefetch:8
  2⤵
  PID:4992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,7854283337472643222,2972623596142822129,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
  2⤵
  PID:3116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,7854283337472643222,2972623596142822129,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3396 /prefetch:1
  2⤵
  PID:3904
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,7854283337472643222,2972623596142822129,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5124 /prefetch:8
  2⤵
  PID:3228
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,7854283337472643222,2972623596142822129,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5124 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,7854283337472643222,2972623596142822129,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
  2⤵
  PID:3564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,7854283337472643222,2972623596142822129,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5236 /prefetch:1
  2⤵
  PID:5072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,7854283337472643222,2972623596142822129,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3476 /prefetch:1
  2⤵
  PID:4552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,7854283337472643222,2972623596142822129,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3556 /prefetch:1
  2⤵
  PID:5096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,7854283337472643222,2972623596142822129,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4868 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:364

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2908

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3088

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
6276613a51dae3b747451bc05e24edfa

SHA1
96ff591013fc8d378a9b37ea580d8ec6e98bbde5

SHA256
d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0

SHA512
dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
726acb8ce7d1119a4dcb9971a2f7927e

SHA1
2b088d0ced76af6c45b747b4a62c2a1c5781f382

SHA256
87fae330f5c4b4c59b53f71b36ed8547e3911b054203543c49d8853536f0d078

SHA512
2b4b145457576849f0870da258c2b5f15311bd40b1ad730b40b5f1620c12c207c5a33093589a5a96b868a2c43fcd971440c0d14b315323ab9d6bc93e5749c085

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
262B

MD5
f288cda88671eec32998c6ea602c41f2

SHA1
8b0d539d329dce87130da957c82f3e2d689f0bb7

SHA256
aae5a3506ea069ede01bde892e524c986f9d637bb761b574f8dd20eab8abe97d

SHA512
d9254b1ce02af4b9b27b49916a78136518ca755d6a0a3c09a9f1fb8d1d6d8263f832c4f19ff66479f4f9b48b364ded3e4bc992d091ee31751d8389ccdb06b6c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ba9469f5639c1273324a707cae97e67f

SHA1
bbcf283879fb995487bcb615f2d13298f71eef9d

SHA256
724f70aedbac1b1b643efeafbf71ee4a888dd8df44120ba08add9b9a6d011c37

SHA512
8db4a4c614370f0c81d524f2f65a107bde601c78310e672834d809c447583ee4ce9389b7068e6c655243e854f9fef76c6df729381d60741abdaa063ef78bbbcb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
5f5ec0bf970c98fdf19670c0235b4bf7

SHA1
fcf4306a177cb124b5e1512ff70ecbf74ea7cfd5

SHA256
5a892a2bebb85e3f91dba4a715013565e936dea24344bcb5b602149758f0051c

SHA512
547536b9ec736a9ae55146baca48c7098ffebddc545370902577272ff4947ab8470ba5193bbd9c3979f3921decf908c54e18ce32702fb47a1e4c90beb2efc4d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
f1881400134252667af6731236741098

SHA1
6fbc4f34542d449afdb74c9cfd4a6d20e6cdc458

SHA256
d6fcec1880d69aaa0229f515403c1a5ac82787f442c37f1c0c96c82ec6c15b75

SHA512
18b9ac92c396a01b6662a4a8a21b995d456716b70144a136fced761fd0a84c99e8bd0afb9585625809b87332da75727b82a07b151560ea253a3b8c241b799450

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
700B

MD5
e16f321b80291c7203cd0d19a45d3a48

SHA1
fde6436ff1e0e462a9ec440e4e3ec39a683b8962

SHA256
fc8c0cb6a1858d5ff8583b2f2a54d747dbffe4cc990459bc7cb5ff786f221a0d

SHA512
bc51bcd59e77329470a347941b94c860f1d0ff4c4e4f3711fa575d1b068b95db72c4f9d961732be44266571a2d885cf5d29a7a8dd9148c995f2d950276ecb5d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
702B

MD5
e32ab0b550baf1fd343f25fa4068e724

SHA1
8229d2e728a1b04e2ab54a1d99acb25a670cccb5

SHA256
fe8a0e7cc5b4bfd57156050ef0423d35e0238ac2febb6efb80aae93d827c21ef

SHA512
f43879d5d8cb31c940c7c7f605e796d01763e4b8913b7802d3e0cf56715d47432e0964741998dabb02c93820e9c91853b0e1ef4e737d306493491311625577a9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
696B

MD5
9ecc5482db7be39ad7e660d324512bd0

SHA1
ba58ea7826e7c1db42274fd1b25d6b819a4ef9b2

SHA256
d878386f2fe77f42727cb11dd3cb4085e521a1330f3d96811e2fe73d375a5af7

SHA512
e44b66d26a46a367601eab4b21225d393a85914d84dbbe73ad472af2e5c15b1999663141e7f90868c65ccb4082d523f9c7ebcff9c5529a416213d82df352524a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
698B

MD5
8030e2af2eb5fe7dcbfd3bd3773eb99d

SHA1
e3bb7c1e3676ed7629398f6d35acf3d89a43ffb2

SHA256
ba33c0badbb0185a1c91f168c877526ff677e80dc949777d1731654415a961aa

SHA512
de1eec168bb796366b8e33351346c2090286d4c686476a7caf702cc4344bd6c37f93396f7f1975b8bb16b16f2c769d31f2ca543993f4c04047e46001ba014811

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
700B

MD5
65e2ad71dacc923f9f931b54618f32ba

SHA1
2f937b0c6aeb2e9d70ad337e16ff993c69fc3bd0

SHA256
c57a687697339166fa31cda268d3d46ac881274cbe057912395d63f442e9f734

SHA512
3cd1f2ebbf1c4958c81f288669d2a1d0d35ad94ea5fff4f4a7eccc4b375778f2f4928f26124b6f362fe73d06d7be5add1d36771f27c684e327968cb11d3ab853

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
698B

MD5
32531c1755f28269e1ce88df4b1628c2

SHA1
76c80f00811be3c4d46283b780fcc3284f97c02e

SHA256
e63635ad1f348b6635803d3694580699584fc8a2727d846d22236d40b6023228

SHA512
fdb09ca28089f3b66900e7a9cc7fdfda6cedc233eb8bde444ed6707767dedf6c14faa35e0524dc6cf7eec866c6e91fd2ba089e3a0c4a6522ba17f8bac22e60ad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
f43075c3147ee0e046fba7b4e4140c21

SHA1
712f2bb900626cfd82b6fc3cc5f86d05fdd53838

SHA256
4a35275683d0d7fe2961557f4fc2643358ead6f111dddcd0bf2172ad318c1eef

SHA512
1a7d163a96b39eefc2885029be958296d02786874c473defbb9ea3d5841d859c425997d7d840f7a722566abdf309201e39e25ec194ed053f581570399b84bae7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
704B

MD5
ce2797958df2a390ebc5cfc0e142b183

SHA1
f7a9a63f6de9b9dd6266275680313a5f5c950625

SHA256
76c9e2e5651335edefcfe7aa24eba165ad3cc6362c287301131a7bef2a603353

SHA512
a6850188b02cd54622af24815652f35e7e331e70688f61173c31b41ebf78466d95dcf13484ab7d7f9472967cb2d4850db87741a7e4d2654965e686be7de4f776

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
702B

MD5
2e7dfe55435a329485561a29121b3227

SHA1
91068289d810b5214892057821cd60bdaf7bdfc4

SHA256
e4e150036726e21288d33051ae57445c4d888fadea909660d63d3b0373bb4718

SHA512
a675e3ac516d6a2b78aad2f9f0bc63220d782c729a5d051e83e7045edf2fd3f7c8ce0017eaebd2ff3f8a0010052632b69f8fdfde34bc6aa2c9dfb44661abb3ad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
704B

MD5
03e889d046b218d6bea73dcbc290b458

SHA1
3f76a11ceb0e8c0ba6dbe555cfc3348de829ef88

SHA256
2c2c6c28b7a37b9bd76c737d288130d3140a32075464bdfd966b95f5637eacfa

SHA512
542cc51d7524ed80e53712f35730a12a2d425de7ae7be8dfb08bf5fdda79ba1cdbf7f3d917b992367438e20a7241b7388940084788386e27b62c81d2fc7f31c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
704B

MD5
eb172d963b2d37348b9f99eae754c2b9

SHA1
95d65e8f673cac397b14e735e4d3d96185639dfc

SHA256
20bc90c8bf7ae7e7267307634092cbcb032f08b7aba63d5ec93977511245ca4d

SHA512
2c40089739a59bdda1ef8e33e057a6e114397be296b805f4cf3db49c397141895f2b3519bafc3533d1b951b06e24c4c142b4d74ffb5424e862f9d41b3136cd00

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
704B

MD5
d408716c1600eab426b148b7362a70c2

SHA1
2535870822cdee4b4c5d577823a7b8f2056a866d

SHA256
b8d466bdc39360f900dda175d18feb5429811485b4f26ce77ba3c138a0742fe3

SHA512
cf91b2ff4741d7d544a59c369b33775d80d56c2ea2b6b54e0fee31165abc59f4b93baaee2b94d500e4b7242804578870501529b34a6fd9785dc26ae71ecb5020

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
704B

MD5
edea77b484933f161f2d9c2d04e8e135

SHA1
01fb11ee03ffab414285c270d9c32dfc73fc0329

SHA256
30a59b3a8583ea843ad6f13665e917c249a981c0e03c11c1660e5457b67483a9

SHA512
d17bf0fe0b3a92bcec792a61c56addd8394eb80dfa644f83abc87473833a57171f75536c6a474bc9205f3d62ff4e04bea0512e00e3de9ba97b2bcf8e5af35ae3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58ae4c.TMP

Filesize
537B

MD5
10a923757b5b4d5d19473cc3c6a2af73

SHA1
2fbe6f9924936ec449cff8bf9f2755bf518729e7

SHA256
4606efccb2892f3d64c496ce7f14b4d173bb6c6f048fece5e68a61a95094e0b3

SHA512
36773912e5dcda01e8464c112392dae0fd395fbe2e488a92fa87ad2ef5e182f874ccc065d8778413cb6c6aa1c328e99843f1a5145d371e1d4fb5623704d568ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
eefa3e4fc752b54ab4bfb4659a50c7f4

SHA1
05ee4f633cab090463c7667877ce3a3799178a02

SHA256
392dc1980252faba145c2e340ced950f701297872fddc04775ca7a9ec3e9b07e

SHA512
4f1ec9a2ddcded8c980d8c382c416c20785fccf922fdf068d3e10ecb53b0d7d8b9eebd3e43fffe8a22d99fc660cd6831837a828a7d116881142763f700950cd4

Download Submit