hxxp://www[.]lineaeticaypf[.]com/

Analysis

max time kernel
147s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20231127-en
resource tags

arch:x64arch:x86image:win10v2004-20231127-enlocale:en-usos:windows10-2004-x64system
submitted
12/12/2023, 10:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://www.lineaeticaypf.com/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4356	msedge.exe
4356	msedge.exe
3900	msedge.exe
3900	msedge.exe
1700	identity_helper.exe
1700	identity_helper.exe
1148	msedge.exe
1148	msedge.exe
1148	msedge.exe
1148	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe
3900	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3900 wrote to memory of 2996	3900	msedge.exe	30
PID 3900 wrote to memory of 2996	3900	msedge.exe	30
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 564	3900	msedge.exe	87
PID 3900 wrote to memory of 4356	3900	msedge.exe	88
PID 3900 wrote to memory of 4356	3900	msedge.exe	88
PID 3900 wrote to memory of 2008	3900	msedge.exe	89
PID 3900 wrote to memory of 2008	3900	msedge.exe	89
PID 3900 wrote to memory of 2008	3900	msedge.exe	89
PID 3900 wrote to memory of 2008	3900	msedge.exe	89
PID 3900 wrote to memory of 2008	3900	msedge.exe	89
PID 3900 wrote to memory of 2008	3900	msedge.exe	89
PID 3900 wrote to memory of 2008	3900	msedge.exe	89
PID 3900 wrote to memory of 2008	3900	msedge.exe	89
PID 3900 wrote to memory of 2008	3900	msedge.exe	89
PID 3900 wrote to memory of 2008	3900	msedge.exe	89
PID 3900 wrote to memory of 2008	3900	msedge.exe	89
PID 3900 wrote to memory of 2008	3900	msedge.exe	89
PID 3900 wrote to memory of 2008	3900	msedge.exe	89
PID 3900 wrote to memory of 2008	3900	msedge.exe	89
PID 3900 wrote to memory of 2008	3900	msedge.exe	89
PID 3900 wrote to memory of 2008	3900	msedge.exe	89
PID 3900 wrote to memory of 2008	3900	msedge.exe	89
PID 3900 wrote to memory of 2008	3900	msedge.exe	89
PID 3900 wrote to memory of 2008	3900	msedge.exe	89
PID 3900 wrote to memory of 2008	3900	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.lineaeticaypf.com/
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0x9c,0x108,0x7ff9dd0f46f8,0x7ff9dd0f4708,0x7ff9dd0f4718
  2⤵
  PID:2996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,15535922151067224210,511729765899739519,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2156 /prefetch:2
  2⤵
  PID:564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,15535922151067224210,511729765899739519,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,15535922151067224210,511729765899739519,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2828 /prefetch:8
  2⤵
  PID:2008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,15535922151067224210,511729765899739519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:4480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,15535922151067224210,511729765899739519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:5024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,15535922151067224210,511729765899739519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1
  2⤵
  PID:3860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,15535922151067224210,511729765899739519,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1
  2⤵
  PID:3592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,15535922151067224210,511729765899739519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1
  2⤵
  PID:4804
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,15535922151067224210,511729765899739519,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5364 /prefetch:8
  2⤵
  PID:3096
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,15535922151067224210,511729765899739519,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5364 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,15535922151067224210,511729765899739519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6080 /prefetch:1
  2⤵
  PID:5200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,15535922151067224210,511729765899739519,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6044 /prefetch:1
  2⤵
  PID:5208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,15535922151067224210,511729765899739519,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5128 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1148

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3000

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4408

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a556bb6f129e6bd2dcfb5e29b7483f3c

SHA1
54f04d95d772d4837334739544f6871c10f24110

SHA256
c88e30f34c1dd579de34700a10a25c92e55f09b47be34ef7742a01aea47f222c

SHA512
405908519a2b51c42c380ebb160557fb551bbec0c015c7a6fa61acc01eaa32a6ae20895aeaa1879a4aea3b0cc6ec1754d30610a3e343105a0ea4350156a6fb2d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
b7c44c2754e44657e85e2c24e48aaa8d

SHA1
924ffb1f9eab46d07653e00e10ac1c0e9ba5a7c0

SHA256
326094cbd73f44ebb257bfb48c1952da106687be284ac67604c6d5b067c3f637

SHA512
030a7030a33eb3f823b098fe8e14aa2dc4091c2d048236e45599fa486b9c0542ab0ff97db8a5da7ce72f76c07e03e054620f61807491693539ebeedf3ed7b626

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
264B

MD5
d0fb55375221a71482e2614a49f545b3

SHA1
7f86f543570f055296fa9aaac41721be0d7b3d04

SHA256
110f3c99e732c35ca2a2da03832e5b967ac2990d6b9abfe26205bd13c2ab0c62

SHA512
47812f16d4e35b3b35a6a1bd5e9cb38e0f122d25ce3b125a1de4266e59c8267f3ca97e0d543e70ef86439d7474572b7ac265faec5c4d23819a2a2a757fd0687e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
652B

MD5
bd9fc3f12ffde032c2761b59e941e92d

SHA1
a67774429c627350c380564768df94f210f87aed

SHA256
865eea2cefc91bf6f468a736d62de83e0472612c9ea55de53f50eaae150198ba

SHA512
a778a8f71c52d3159af435cd56a67edb0580a6a2a3466e2ee9dc88661590dd4fc2583c50bb15d69e71db8c94c3b1babf837e8ab3deeb637b83e7b8614af33b5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
bc528a4ed19810a8163af26cdedd5e3a

SHA1
55d1e92fd93691b016f2f0f753acde143fa4e226

SHA256
202a61b5555f2f9aa6e674040c02855dfaba0efe10fd2eed0ddcefe85d23be9a

SHA512
b6e9e8587dfe81bf10ed0e5f3b8c698f4e11e016447aff54232dbdb03985d75f78311d39f43f70c260045113f0b57563f6ac165a231219e7e2e8386f46b1311b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
fff466515d68864d8d699b0108e461df

SHA1
4cb306c0f079529a45ed6b7a45ac4f4dfce40cd2

SHA256
86bd331ec8c278e6b77c367e0a9460476d411dd6b508a44c7cadd46675f35056

SHA512
ff7f7df92471be95610a46dc5c00dc3816ea06938b02768859db7a49394be3dea59ef209f4cf24dcc4b50260e79d0c6b9b0a25eab4371d1ef56897bca6901e6f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
bc7ab9f64b1884c8b3e5568a55af6f60

SHA1
804db6f2ea9c39985252b05ad086a1c5f8b543b3

SHA256
f564d00faf534df80d07c7ee08e81ac4cfeb695024072d999861fead3a76fdb4

SHA512
1a1e08849c82ec76a468c7759bdfc39f1dbd9ec481ad727903385f75bc00fd936d9dec88c88e098c0a7c4e24cad67ab6b7abe8d69df9308100e99ab155dd5947

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
c4c231ec9fe4be67c106ecdbd3cd9cda

SHA1
4d5451a058344c62ae8c5008f266d765208a9b44

SHA256
bb56c1e658d67ccb4a826a6890e2182e70e017e8a685904b687ea443fe96a689

SHA512
90fd26c53b7801be2cc6103d2f7e01b41bce09324cd732e2dedce1f2c9184eaa0e0216969b5d8f188e1a93a3ec705f0a5efac599bfb3d8586bc2f344ecedca64

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
aa3db81e5ed16930c40f0a83dd947008

SHA1
594657b7812f4eb6b515b885f6004c366f38d1cf

SHA256
becaf8dcc2fd6c3fade9787edc3848cc901fd0690a4b9e1dd29ca24e1449bd71

SHA512
faef7417672e0919285c95e480226b82d7272a5057ed8342557bd995631d5332f497b82ffd1f5577d37e8972ef4b30c6441974b2197df1dc19bb1a4cf907e4c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\818db5b380eff6778922b6daa19eb02e1b28cc8d\1a5e7c70-c811-43da-bdbb-4f3a51547283\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\818db5b380eff6778922b6daa19eb02e1b28cc8d\58bfd14a-af6a-4ad4-9182-66de193e04f2\index-dir\the-real-index

Filesize
600B

MD5
48f9c06a99a93e2557e5fe0b89ab98c7

SHA1
d56ff37bf53e045511d7d33b43c305cb4011cf68

SHA256
5873246cf0a0735f47a942b6e142c2096b1d88a4ab5b63121418a196fb79b2de

SHA512
08e3761fb98effe07c6ef344944ba5832f8b392171c1877aea882cba43d42b9baadb0d51891cd08e00aa0d97f9a815d1c4e3e4f5ecc321551e1ef02302c7551d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\818db5b380eff6778922b6daa19eb02e1b28cc8d\58bfd14a-af6a-4ad4-9182-66de193e04f2\index-dir\the-real-index~RFe589c2b.TMP

Filesize
48B

MD5
eba401b836a5bd9df890d65849f13709

SHA1
c6f2bc5bab3a567e0e7a0a3013ec9e8bdb8e56c5

SHA256
7f89c85bda29009cd8a55c352ab77d029930b2cbf25c7691853249348285af50

SHA512
51f919896317658598e0dfd9a0f68f3e62acc45637b9a0530324233eae648cf7a2eeab59f67b16e5c880f819100a286453b8b0fbe2310050d1fac4b49913b2f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\818db5b380eff6778922b6daa19eb02e1b28cc8d\9c0687ee-ea4b-451d-92e5-409b16cc4de2\5d0f3ff1f301b979_0

Filesize
21KB

MD5
413a7a25c59099d221b9981b1f5aafb3

SHA1
173f4878d4af64ab21f0218edb2848d3eaa843e4

SHA256
29b75f2eb7216e216bafcf79bc15813230679fdbfc6deac821f79272fe384c1b

SHA512
c1aa63a887cc9a64c162f6dab995c55a9ccb42731e02932937b69c866302f700898b1c737d72e1f6dcf9b32a4c15e4dc4e10739e1e8f2d52f46c3e89647c6303

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\818db5b380eff6778922b6daa19eb02e1b28cc8d\9c0687ee-ea4b-451d-92e5-409b16cc4de2\index-dir\the-real-index

Filesize
120B

MD5
c94b06277fd0bd464d77081f4c12cec3

SHA1
cb0feb29fe2534b24797563505f23e642519a10c

SHA256
70c3739cd1489ec714a1f0b955e5005679c6bd4fe395c9b0f9404da4a722e1ea

SHA512
a708192495525078151d98def463f7e6af7b176ae1cb9b273d94ea0aecbdcc7b3659d64aedeae1335f9f7d6d4b78c53a86693828259a14de62c51a713fa04170

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\818db5b380eff6778922b6daa19eb02e1b28cc8d\9c0687ee-ea4b-451d-92e5-409b16cc4de2\index-dir\the-real-index~RFe58a1e8.TMP

Filesize
48B

MD5
dc06b8dc5f6b436147b224b3b4e0c09d

SHA1
70cd2b41928558515ca18648a9968a3a465568d6

SHA256
1c7e2e353cf3f3ef76f35a5499868a5cd9e567a457de4e4a35f830a872e5b0fd

SHA512
fc2c3fd9f1251ff3fa511ec385552861a5b6ba9db7892058d5884481ca94f2376210a8f132a7ccdee5e00c057be947e8cbb1ae37b266c20ca2d1249f7faf0ad0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\818db5b380eff6778922b6daa19eb02e1b28cc8d\index.txt

Filesize
107B

MD5
f7b7b255a1d410d4038697b29aaccbe9

SHA1
ccd10cfb7ccb80301cc595a92b1197cefe870624

SHA256
53639a17638ab24615517318107bd609e7a14062ff3ef8244293b6d106e86fa2

SHA512
02e02c1aa2aac91d81771ba2d3944b36d2a7a743e65c2782e50a2c69b52ffcf9d34592df2a01cb316f71d25234b5f134abbc768db80d28f2f767f937bdb2721c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\818db5b380eff6778922b6daa19eb02e1b28cc8d\index.txt

Filesize
221B

MD5
61828a608a1cd7b78f22c6fbe311c544

SHA1
3a0030002cbfb7c6aa6d408b95d4c908030a5f38

SHA256
74036b2cc0b7731591301aff26dafd7a695721dde0a595cc8143d7662d5c4d2b

SHA512
6020b173c0cd9ce21520cd504a2617dd97991709c333ba9d6f203573f604f0c64a299ec28d1345c25cd3ae534ab446270c23e04984e34c73fe8d2507d407aa1d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\818db5b380eff6778922b6daa19eb02e1b28cc8d\index.txt

Filesize
335B

MD5
3d8a319c2b25aabb6831894040026d4f

SHA1
256f741630745ea6c693afa29bec96b8d63d3a87

SHA256
070b60fd611fe035c2a6a5c42105eecde46dd2f70661d76b70ba9331fe916f93

SHA512
1f5cda997218a6fc7826e749d18c6c03451980dfea0816f15b83881c9000777232a777fe2be42ac26ffb2f7529e29a201fde32d59b291099af7866be3afb00d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\818db5b380eff6778922b6daa19eb02e1b28cc8d\index.txt

Filesize
457B

MD5
79fa620c4b9cf712f8cab13bf03d38e9

SHA1
c74d81072e294d522b96ed339d3744339ae59bd9

SHA256
caa36d8c22591d4a96762c37eb1e74bc8beca855179f5cd2bee269329702fa81

SHA512
c9afd4b9c8d4a33e6945236c08b4fca6c3e764be4fd425b6b38275510a9c363f5a0c3e8aa60605d979973df1f60dbf4474c58114718b9b0287d214cebcfb627d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\818db5b380eff6778922b6daa19eb02e1b28cc8d\index.txt

Filesize
567B

MD5
a5b8df0e105a3030eb29a23afdd24549

SHA1
59ab59136ffcb902e0dee3a31b42e60cd43a6a76

SHA256
16c4130290384d43d508908fd3394f8afe0923441198820ef7db2669b9df4aad

SHA512
56a4ff11a3da448c9428ae9b7d205f742ec3b3f3e8eb5aa5644f98d0024cc42b59b465a1d704c801cd99d47c9c03bb9e0ad5c57b13dafe384d78b8728fa2f9d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\818db5b380eff6778922b6daa19eb02e1b28cc8d\index.txt

Filesize
562B

MD5
7f3910fec0e5c35243250e20f3c30060

SHA1
04a469cc8a5d25ab373fb5b4dabb786d2a7f01a2

SHA256
69e8bf4c2f28951164af39fff210d6f77c0819832c9a8ec68fe694e3e3d71b82

SHA512
558ac8e2c3abf384165e03ae659cfad67c25672ef4de8a2639806bc87f1f68b6c8a6096ab5a0101ae4e8617f09b8cfe247213905c58088d3fbfe4bf83b971b8d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
f153842564208b399a80cf764e17376e

SHA1
c3595a9a060f15d1562a96a9a650bc4863fd9c9b

SHA256
87ee41c8b410db8e27ea8162b1339e3c952ec4ada9ac41113029162e9a68df6f

SHA512
91223656de2bef37b3b182f6414d278937de365a2e19b41f9770879889a94cf28417c8e74366e77fe6188798a9cbf6041c213ad08ba0fc67c12cabb4fb36932c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe587133.TMP

Filesize
48B

MD5
b18c92ac449cd30b3a654fde5a454328

SHA1
92a395cf1db24e00e5f6c9e85a975bd16aa62a40

SHA256
32ed217b275528326c83b92fdd1d2af05541725f13bd77b2ef19e7e14b1a20de

SHA512
b1ef9d2f94c43947527a0e0c7892317389e5540e649c378ebe0cc168a3abca2a4c7ef00f1d0786a385d91c1a64dd94089d6e0cce04fb9407c80f56458df31e4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
366B

MD5
47174fc0b32bb1cbee1f55a8a3675eb1

SHA1
87b57a45201589415ffe05afe3b19fdd3e490a90

SHA256
c0b338174c2d9590ab02122742b4cd9496f7da5ff0510782bb5aac2110075ef9

SHA512
44ed2afc6ac24bde446216504720238452956c0a2f19fa283c68639b783419b78252ef2d66de1037fe10f756dc6b13a5935a1efcc8ce56254194388bc8ab2a41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
368B

MD5
9abc04234dd8e1763c03ae1505fd4a6b

SHA1
5dee8e162cffbe55b0a26a5ad7f0d706b3cf963d

SHA256
ecafa952fb582a77dffc98e069794555c4e9aa01ccab05b9d5f6625c3df1aeb1

SHA512
478817d5e013ca155ca4748d5305d3ea276fbe6d4f2493c631e1e82fefdf0f061be23f1c972a35049510edbcebb78972884c0ddcbc2210998085969f9c186813

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
366B

MD5
27b56796b08c6386d85a6a9ca1388d56

SHA1
d327d98c9e895c3d9420c94bb48a11bcf8b174c0

SHA256
04784bb5142293412a2ba8fffef9403d90de3e08b2063d121e11e8ea69e07f36

SHA512
254995b6b1936406430ff419955193ffbae7eb74c5e0857090d426299e0557200b4f0206d32f2a93fd8f967ac36bf70bf52b374da8dee69270c0b30e58766d9e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
366B

MD5
493ab91631710403d0b03494697f4da9

SHA1
8b2e42f3bbdc1172bcd344132b039ff3766dee51

SHA256
5d2bfd6b85ecdbd7c208ad385c1f6e64c913e88e23c8ed2d8efd73c9ac796464

SHA512
b6b51f9b59d5ed9414f242cfc3ec5a5469c8df8786c30f551fc61981aa9f3f3d334d8f187ae6359454e101cdcd680d0071350328ac847393f824d4d94c623842

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5839f7.TMP

Filesize
366B

MD5
c285cf8c64908bb6b09a679d13f86955

SHA1
66257ce0da631452cd5f45949548a37bdac73a9c

SHA256
dc4a77b6ee4e7314cfe81ab904da1c2419aa8f6dd6afb30c15259f394252a4b1

SHA512
6be0261b071855b6053ff74054f5cf2c492f8803c97c45497de0a69abe82876e655d098016ba701980752f9e1ad95a42e63a2ea1dd3d0fc917be5a509ccf5b96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
5acf907e27f3d7613a97584123a12106

SHA1
e91071b17b961c03324b52cc999045e805346674

SHA256
fb023862eb2663d912f15b664e3461354d1d2d7a1e649576b98f58b46aefb7e0

SHA512
289bde0cba518f54a7ccfb9766a45cf48a571494635ddce71334329db21f0ff5092d3124ce28a43478818253feb28b5193258e4dd9aa297aaa03e2475c1a4b19

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
8d0496e72548f80df46518daa2cd3841

SHA1
d908ba25bde0f04b14226612d4e94dc1346a9f4a

SHA256
ce1755fa1c0c82928184165700c774d0c5a558440c01739c155124e5a79957a1

SHA512
43c36e5650a24163a35d1780eda00ec3acf1191efe4a7fcf8f2a97808bc63926bf5963f1157bd7d69f31b55fa84a08b73a22bfab420aa7c56c423963b80d59ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
2139699a95ed967aa62fe530ae6a9b38

SHA1
aca41dff21e64dcc018e1370fa5d27f634c5672e

SHA256
37232572d8c3f65c6389c5e0d89b396d4fad81aa5a982522d79a4cbecefaa68f

SHA512
e0fb46a22d551b213df448efbf200aa025705730774d1c6eb244bd70ee9c0314de58bae2b2ca0c3bcd20de79ff49bf3527ec61745bd061ee8993698281e4a055

Download Submit