Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

URLScan

urlscan

http://"type": "ELF ...

windows10-2004-x64

1

Analysis

  • max time kernel
    146s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231025-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231025-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/11/2023, 12:32 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://"type": "ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, BuildID[sha1]=fc4d4e84ff150fbc12510bea4a9eef38207e1fce, stripped",

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://"type": "ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, BuildID[sha1]=fc4d4e84ff150fbc12510bea4a9eef38207e1fce, stripped",
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:732
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff976a546f8,0x7ff976a54708,0x7ff976a54718
      2⤵
        PID:408
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2192,1865404821399680972,9037139394763256899,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2224 /prefetch:2
        2⤵
          PID:4308
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2192,1865404821399680972,9037139394763256899,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2660 /prefetch:8
          2⤵
            PID:1588
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2192,1865404821399680972,9037139394763256899,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 /prefetch:3
            2⤵
            • Suspicious behavior: EnumeratesProcesses
            PID:2868
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,1865404821399680972,9037139394763256899,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
            2⤵
              PID:5040
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,1865404821399680972,9037139394763256899,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
              2⤵
                PID:1548
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,1865404821399680972,9037139394763256899,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4712 /prefetch:1
                2⤵
                  PID:3008
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,1865404821399680972,9037139394763256899,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4748 /prefetch:1
                  2⤵
                    PID:1040
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2192,1865404821399680972,9037139394763256899,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3480 /prefetch:8
                    2⤵
                      PID:3428
                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2192,1865404821399680972,9037139394763256899,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3480 /prefetch:8
                      2⤵
                      • Suspicious behavior: EnumeratesProcesses
                      PID:4328
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,1865404821399680972,9037139394763256899,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4772 /prefetch:1
                      2⤵
                        PID:3336
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,1865404821399680972,9037139394763256899,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
                        2⤵
                          PID:3540
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,1865404821399680972,9037139394763256899,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1
                          2⤵
                            PID:5196
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2192,1865404821399680972,9037139394763256899,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1368 /prefetch:2
                            2⤵
                            • Suspicious behavior: EnumeratesProcesses
                            PID:5576
                        • C:\Windows\System32\CompPkgSrv.exe
                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                          1⤵
                            PID:2280
                          • C:\Windows\System32\CompPkgSrv.exe
                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                            1⤵
                              PID:4876

                            Network

                            • flag-us
                              DNS
                              8.8.8.8.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              8.8.8.8.in-addr.arpa
                              IN PTR
                              Response
                              8.8.8.8.in-addr.arpa
                              IN PTR
                              dnsgoogle
                            • flag-us
                              DNS
                              134.32.126.40.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              134.32.126.40.in-addr.arpa
                              IN PTR
                              Response
                            • flag-us
                              DNS
                              158.240.127.40.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              158.240.127.40.in-addr.arpa
                              IN PTR
                              Response
                            • flag-us
                              DNS
                              240.221.184.93.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              240.221.184.93.in-addr.arpa
                              IN PTR
                              Response
                            • flag-us
                              DNS
                              9.228.82.20.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              9.228.82.20.in-addr.arpa
                              IN PTR
                              Response
                            • flag-us
                              DNS
                              39.142.81.104.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              39.142.81.104.in-addr.arpa
                              IN PTR
                              Response
                              39.142.81.104.in-addr.arpa
                              IN PTR
                              a104-81-142-39deploystaticakamaitechnologiescom
                            • flag-us
                              DNS
                              26.35.223.20.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              26.35.223.20.in-addr.arpa
                              IN PTR
                              Response
                            • flag-us
                              DNS
                              59.128.231.4.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              59.128.231.4.in-addr.arpa
                              IN PTR
                              Response
                            • flag-us
                              DNS
                              157.123.68.40.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              157.123.68.40.in-addr.arpa
                              IN PTR
                              Response
                            • flag-us
                              DNS
                              15.164.165.52.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              15.164.165.52.in-addr.arpa
                              IN PTR
                              Response
                            • flag-us
                              DNS
                              254.20.238.8.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              254.20.238.8.in-addr.arpa
                              IN PTR
                              Response
                            • flag-us
                              DNS
                              tse1.mm.bing.net
                              Remote address:
                              8.8.8.8:53
                              Request
                              tse1.mm.bing.net
                              IN A
                              Response
                              tse1.mm.bing.net
                              IN CNAME
                              mm-mm.bing.net.trafficmanager.net
                              mm-mm.bing.net.trafficmanager.net
                              IN CNAME
                              dual-a-0001.a-msedge.net
                              dual-a-0001.a-msedge.net
                              IN A
                              204.79.197.200
                              dual-a-0001.a-msedge.net
                              IN A
                              13.107.21.200
                            • flag-us
                              GET
                              https://tse1.mm.bing.net/th?id=OADD2.10239317301580_1F1XSUIT7JJ8XLYPA&pid=21.2&w=1080&h=1920&c=4
                              Remote address:
                              204.79.197.200:443
                              Request
                              GET /th?id=OADD2.10239317301580_1F1XSUIT7JJ8XLYPA&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
                              host: tse1.mm.bing.net
                              accept: */*
                              accept-encoding: gzip, deflate, br
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                              Response
                              HTTP/2.0 200
                              cache-control: public, max-age=2592000
                              content-length: 208770
                              content-type: image/jpeg
                              x-cache: TCP_HIT
                              access-control-allow-origin: *
                              access-control-allow-headers: *
                              access-control-allow-methods: GET, POST, OPTIONS
                              timing-allow-origin: *
                              report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                              nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                              accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                              x-msedge-ref: Ref A: AD06109EF86D4A2DA0B0A932B99B5F5F Ref B: AMS04EDGE1612 Ref C: 2023-11-22T12:33:29Z
                              date: Wed, 22 Nov 2023 12:33:28 GMT
                            • flag-us
                              GET
                              https://tse1.mm.bing.net/th?id=OADD2.10239317301171_1NGPNIQ68LQQ3GSOB&pid=21.2&w=1920&h=1080&c=4
                              Remote address:
                              204.79.197.200:443
                              Request
                              GET /th?id=OADD2.10239317301171_1NGPNIQ68LQQ3GSOB&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
                              host: tse1.mm.bing.net
                              accept: */*
                              accept-encoding: gzip, deflate, br
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                              Response
                              HTTP/2.0 200
                              cache-control: public, max-age=2592000
                              content-length: 205233
                              content-type: image/jpeg
                              x-cache: TCP_HIT
                              access-control-allow-origin: *
                              access-control-allow-headers: *
                              access-control-allow-methods: GET, POST, OPTIONS
                              timing-allow-origin: *
                              report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                              nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                              accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                              x-msedge-ref: Ref A: DB7994DD85C2474AB593556351266FED Ref B: AMS04EDGE1612 Ref C: 2023-11-22T12:33:29Z
                              date: Wed, 22 Nov 2023 12:33:28 GMT
                            • flag-us
                              DNS
                              88.156.103.20.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              88.156.103.20.in-addr.arpa
                              IN PTR
                              Response
                            • flag-us
                              DNS
                              81.14.97.104.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              81.14.97.104.in-addr.arpa
                              IN PTR
                              Response
                              81.14.97.104.in-addr.arpa
                              IN PTR
                              a104-97-14-81deploystaticakamaitechnologiescom
                            • flag-us
                              DNS
                              14.227.111.52.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              14.227.111.52.in-addr.arpa
                              IN PTR
                              Response
                            • flag-us
                              DNS
                              67.112.168.52.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              67.112.168.52.in-addr.arpa
                              IN PTR
                              Response
                            • 204.79.197.200:443
                              https://tse1.mm.bing.net/th?id=OADD2.10239317301171_1NGPNIQ68LQQ3GSOB&pid=21.2&w=1920&h=1080&c=4
                              tls, http2
                              15.8kB
                               436.9kB
                               326
                              323

                              HTTP Request

                              GET https://tse1.mm.bing.net/th?id=OADD2.10239317301580_1F1XSUIT7JJ8XLYPA&pid=21.2&w=1080&h=1920&c=4

                              HTTP Request

                              GET https://tse1.mm.bing.net/th?id=OADD2.10239317301171_1NGPNIQ68LQQ3GSOB&pid=21.2&w=1920&h=1080&c=4

                              HTTP Response

                              200

                              HTTP Response

                              200
                            • 204.79.197.200:443
                              tse1.mm.bing.net
                              tls, http2
                              1.2kB
                               8.3kB
                               16
                              14
                            • 8.8.8.8:53
                              8.8.8.8.in-addr.arpa
                              dns
                              66 B
                               90 B
                               1
                              1

                              DNS Request

                              8.8.8.8.in-addr.arpa

                            • 8.8.8.8:53
                              134.32.126.40.in-addr.arpa
                              dns
                              72 B
                               158 B
                               1
                              1

                              DNS Request

                              134.32.126.40.in-addr.arpa

                            • 8.8.8.8:53
                              158.240.127.40.in-addr.arpa
                              dns
                              73 B
                               147 B
                               1
                              1

                              DNS Request

                              158.240.127.40.in-addr.arpa

                            • 8.8.8.8:53
                              240.221.184.93.in-addr.arpa
                              dns
                              73 B
                               144 B
                               1
                              1

                              DNS Request

                              240.221.184.93.in-addr.arpa

                            • 8.8.8.8:53
                              9.228.82.20.in-addr.arpa
                              dns
                              70 B
                               156 B
                               1
                              1

                              DNS Request

                              9.228.82.20.in-addr.arpa

                            • 8.8.8.8:53
                              39.142.81.104.in-addr.arpa
                              dns
                              72 B
                               137 B
                               1
                              1

                              DNS Request

                              39.142.81.104.in-addr.arpa

                            • 224.0.0.251:5353
                              453 B
                               7
                            • 8.8.8.8:53
                              26.35.223.20.in-addr.arpa
                              dns
                              71 B
                               157 B
                               1
                              1

                              DNS Request

                              26.35.223.20.in-addr.arpa

                            • 8.8.8.8:53
                              59.128.231.4.in-addr.arpa
                              dns
                              71 B
                               157 B
                               1
                              1

                              DNS Request

                              59.128.231.4.in-addr.arpa

                            • 8.8.8.8:53
                              157.123.68.40.in-addr.arpa
                              dns
                              72 B
                               146 B
                               1
                              1

                              DNS Request

                              157.123.68.40.in-addr.arpa

                            • 8.8.8.8:53
                              15.164.165.52.in-addr.arpa
                              dns
                              72 B
                               146 B
                               1
                              1

                              DNS Request

                              15.164.165.52.in-addr.arpa

                            • 8.8.8.8:53
                              254.20.238.8.in-addr.arpa
                              dns
                              71 B
                               125 B
                               1
                              1

                              DNS Request

                              254.20.238.8.in-addr.arpa

                            • 8.8.8.8:53
                              tse1.mm.bing.net
                              dns
                              62 B
                               173 B
                               1
                              1

                              DNS Request

                              tse1.mm.bing.net

                              DNS Response

                              204.79.197.200
                              13.107.21.200

                            • 8.8.8.8:53
                              88.156.103.20.in-addr.arpa
                              dns
                              72 B
                               158 B
                               1
                              1

                              DNS Request

                              88.156.103.20.in-addr.arpa

                            • 8.8.8.8:53
                              81.14.97.104.in-addr.arpa
                              dns
                              71 B
                               135 B
                               1
                              1

                              DNS Request

                              81.14.97.104.in-addr.arpa

                            • 8.8.8.8:53
                              14.227.111.52.in-addr.arpa
                              dns
                              72 B
                               158 B
                               1
                              1

                              DNS Request

                              14.227.111.52.in-addr.arpa

                            • 8.8.8.8:53
                              67.112.168.52.in-addr.arpa
                              dns
                              72 B
                               146 B
                               1
                              1

                              DNS Request

                              67.112.168.52.in-addr.arpa

                            MITRE ATT&CK Enterprise v15

                            Replay Monitor

                            Loading Replay Monitor...

                            Downloads

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                              Filesize

                              152B

                              MD5

                              aed593b08b94f34dd8f68fd369652ac2

                              SHA1

                              3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95

                              SHA256

                              5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7

                              SHA512

                              16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                              Filesize

                              111B

                              MD5

                              285252a2f6327d41eab203dc2f402c67

                              SHA1

                              acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

                              SHA256

                              5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

                              SHA512

                              11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                              Filesize

                              5KB

                              MD5

                              8610c1929a80187b865093a29b4f797d

                              SHA1

                              234b9b162b0f4d365bdf34dd7f07c1c6af9ede6c

                              SHA256

                              b59925750db5b49fb62934da8da91f18e041e0f2e49dd49375883f8a4ef787b5

                              SHA512

                              536b990475549fdf12ef37aed742656e5bce903d8f064813d217782dcf81f2473e56fa5e2c3ae75a533e227175339a0e8c084f1ac9108094caa543458478e2aa

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                              Filesize

                              5KB

                              MD5

                              5ab9c01abeb0086314c15fa5b17f2257

                              SHA1

                              236a5dcdf51517ae11b3c885522937a940582eae

                              SHA256

                              85cf89f0aa0713df8404e251e0e96f04cc9367cef3ffe56dd98cd56a179fbe59

                              SHA512

                              a4114100e4f782e43cb5b3c0f76317f011fa00a796b9132cec98274d25f9c254ad23d0c71af334eb5ba36835c8b2c74de22c068ce901c8eb3ac8e7db244c56f0

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
                              Filesize

                              24KB

                              MD5

                              e2565e589c9c038c551766400aefc665

                              SHA1

                              77893bb0d295c2737e31a3f539572367c946ab27

                              SHA256

                              172017da29bce2bfe0c8b4577a9b8e7a97a0585fd85697f51261f39b28877e80

                              SHA512

                              5a33ce3d048f2443c5d1aee3922693decc19c4d172aff0b059b31af3b56aa5e413902f9a9634e5ee874b046ae63a0531985b0361467b62e977dcff7fc9913c4d

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                              Filesize

                              16B

                              MD5

                              6752a1d65b201c13b62ea44016eb221f

                              SHA1

                              58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                              SHA256

                              0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                              SHA512

                              9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                              Filesize

                              10KB

                              MD5

                              3be7900f8346cdf4cf115f13943679bd

                              SHA1

                              c4936efe55fbfb225558cf7b32d9b8084cb9b2a9

                              SHA256

                              05d622bd04c5db1bcbf2fa6d412738e142dc17c374149ff8e27f6fc70f01ec50

                              SHA512

                              7ec7702d5a39619615b74e8cf2e6df316e7356af7a2dafa1b1e0e8cb9fc0391d7f64a02aa60f6be35c80e8f5c3406ab726ff55e09e01c5f2abb8d52905f00c11

                              Download Submit

                            We care about your privacy.

                            This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.