hxxp://player[.]vimeo[.]com

Analysis

max time kernel
0s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
26-12-2023 06:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://player.vimeo.com

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4684	msedge.exe
4684	msedge.exe

Suspicious use of FindShellTrayWindow 17 IoCs

pid	Process
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe

Suspicious use of SendNotifyMessage 16 IoCs

pid	Process
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe
1640	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1640 wrote to memory of 1884	1640	msedge.exe	14
PID 1640 wrote to memory of 1884	1640	msedge.exe	14
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4724	1640	msedge.exe	27
PID 1640 wrote to memory of 4684	1640	msedge.exe	26
PID 1640 wrote to memory of 4684	1640	msedge.exe	26
PID 1640 wrote to memory of 4388	1640	msedge.exe	25
PID 1640 wrote to memory of 4388	1640	msedge.exe	25
PID 1640 wrote to memory of 4388	1640	msedge.exe	25
PID 1640 wrote to memory of 4388	1640	msedge.exe	25
PID 1640 wrote to memory of 4388	1640	msedge.exe	25
PID 1640 wrote to memory of 4388	1640	msedge.exe	25
PID 1640 wrote to memory of 4388	1640	msedge.exe	25
PID 1640 wrote to memory of 4388	1640	msedge.exe	25
PID 1640 wrote to memory of 4388	1640	msedge.exe	25
PID 1640 wrote to memory of 4388	1640	msedge.exe	25
PID 1640 wrote to memory of 4388	1640	msedge.exe	25
PID 1640 wrote to memory of 4388	1640	msedge.exe	25
PID 1640 wrote to memory of 4388	1640	msedge.exe	25
PID 1640 wrote to memory of 4388	1640	msedge.exe	25
PID 1640 wrote to memory of 4388	1640	msedge.exe	25
PID 1640 wrote to memory of 4388	1640	msedge.exe	25
PID 1640 wrote to memory of 4388	1640	msedge.exe	25
PID 1640 wrote to memory of 4388	1640	msedge.exe	25
PID 1640 wrote to memory of 4388	1640	msedge.exe	25
PID 1640 wrote to memory of 4388	1640	msedge.exe	25

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9bcbc46f8,0x7ff9bcbc4708,0x7ff9bcbc4718
1⤵
PID:1884

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://player.vimeo.com
1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1924,6427518806777664761,4472529932632987932,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2840 /prefetch:8
  2⤵
  PID:4388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1924,6427518806777664761,4472529932632987932,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1924,6427518806777664761,4472529932632987932,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2076 /prefetch:2
  2⤵
  PID:4724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,6427518806777664761,4472529932632987932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:3764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,6427518806777664761,4472529932632987932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:3592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,6427518806777664761,4472529932632987932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4836 /prefetch:1
  2⤵
  PID:944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,6427518806777664761,4472529932632987932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5952 /prefetch:1
  2⤵
  PID:4524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,6427518806777664761,4472529932632987932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4748 /prefetch:1
  2⤵
  PID:1420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1924,6427518806777664761,4472529932632987932,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5624 /prefetch:8
  2⤵
  PID:1940
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1924,6427518806777664761,4472529932632987932,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5156 /prefetch:8
  2⤵
  PID:4344
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1924,6427518806777664761,4472529932632987932,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5156 /prefetch:8
  2⤵
  PID:2440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,6427518806777664761,4472529932632987932,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5336 /prefetch:1
  2⤵
  PID:4956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,6427518806777664761,4472529932632987932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
  2⤵
  PID:2276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,6427518806777664761,4472529932632987932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5660 /prefetch:1
  2⤵
  PID:4256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,6427518806777664761,4472529932632987932,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2284 /prefetch:1
  2⤵
  PID:920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1924,6427518806777664761,4472529932632987932,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5276 /prefetch:2
  2⤵
  PID:3368

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1984

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4136

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1386433ecc349475d39fb1e4f9e149a0

SHA1
f04f71ac77cb30f1d04fd16d42852322a8b2680f

SHA256
a7c79320a37d3516823f533e0ca73ed54fc4cdade9999b9827d06ea9f8916bbc

SHA512
fcd5449c58ead25955d01739929c42ffc89b9007bc2c8779c05271f2d053be66e05414c410738c35572ef31811aff908e7fe3dd7a9cef33c27acb308a420280e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
552B

MD5
c0bfda51a1002d674cc7ed5de8cc3efd

SHA1
ee63c280b0f392141f1a209dbe7aa5182759c97c

SHA256
65b63c96a7a6bdcafbcdd4871ddb531a1a73a912e45069bcfb123dd6786d6b87

SHA512
8d58615d57d00437dae4b55269f453690a3d63f14b7367ea3542becca205e47a5419a7b479d247e557f5627848176e4c19b2b84e0eef73274df2fed2e6ddf598

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
624B

MD5
0528b0a92cf434055acaa3ae7e980ba4

SHA1
4b91b78bec34fc9e7eb8b50427b7a3a0ebfdeb60

SHA256
12b7470451601a7d32b76cefe45e21d9ca4893408f5fc35ce74cae97be8a1933

SHA512
43f2cc6d29355654b30fdd8167f027202c444eff4f5213d35263e338aa16239fa403ddf6dfea0740d95dac9a02dbb0b64eb77359b2e3111391662ed53e672b71

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
be82484681bbe62a1d2167c56869147b

SHA1
ccc2faf44b2797a2ca9ac6ef91c15d404238bd63

SHA256
e08193211926bc709eb3d9fca8cb29083225d68ebcb98375f26a3e266cebdd59

SHA512
a48b44feee90a42b7f937d6a37a7a69d34b65fdcd629a38d5fa771432fb9ee94f57d4b39d6ef37e6ff8810ca02594632fa922d71863b7d85fed7a6c34807cbaf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
52bceb6cb7cd9fb888522caf2b43013d

SHA1
99db682488fca9e6a029fb31d1d6b0b2d5e064b8

SHA256
479e12bd7f43882dc871348cb0b218fbabdaf2df4ea92f2963ba7ec09e8df7b6

SHA512
aaab4575a3e30f2ec56960c40762b1c308db6649a149522c6e693291d3bc3595e2dc8431caf7a854868c398ba744e5b00564c3f5c9bcc99351f9c7318f0862e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
0bc3b6dc01088a2f81808a17dcc0f867

SHA1
96a089aa74a1e0077672f456ca32b4c7b63c5f9b

SHA256
5b5b5760d5f15546bbeadd1ca6234cc96e5c3dd8e54fe6722f6515369ccd1ba4

SHA512
047380b5274cddd3b1f956934e182955b690dd701f3f1bbb626422e5e040c08dcc3190c53deb090fb09b401eb4c24652a960f79960d048a724c14e0d7347153e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
bf420c6d32c1411aea2d0394e38bdc9e

SHA1
9c0a11fc29aeedf56ea5145673918dab96fe2d96

SHA256
4f82054bf1dc48ee7b25926474d216ab05c26703693720a0455e6e6e646e4e67

SHA512
538993ae23d79c3d4311916bbe8eca445c281901a274d3c2bafffa3cf147cab2f922af8b4bdcfd722ae05d075b33a7b4ec835f922dabcbcf1cbed1d782dbbf90

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
f40741e64eece3c2d5e087482dfa37b2

SHA1
76f8298268ad347bb6640d870026d07f20243374

SHA256
3092f960079c50dfb52a7b3e72148d6acf3904d3b569e0592c666fc4f1cb6579

SHA512
12e7e949d789f240ad1060fd2188cfa692d8a6891b19950c233a9c1deb143049a45ac537e8997b26f5ec5949e7345b9bb479f0f6d7697dfe5f42e984668e6951

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
61fce866a798e1e65603295da9515c22

SHA1
0299b96cb5b7494a8142b1abf4553c362253070d

SHA256
1a7ce7ae1e649146bef664bd4157d02e296285ce4ecf9c97cf8663bff293f9eb

SHA512
7ccf27b5db76cfdccc71891804703b7017af8cabf581d090323d1ff037d9e584e6c7069d44858c31aae09a1e3c3365b3e3a7fce09e51f9597674a54fe7e10ba7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
3KB

MD5
c13b0ecff545976d32eba66c3817cae6

SHA1
dbda2fbf9aed03fa284ef19619e828ab6fdba79b

SHA256
f2c95b4bd7a1c3ecdc6e693b66f2f7f3249c3513462790fcde3d7096caa3bc60

SHA512
fc3005e5faebb650da235f5027fe156b85d1c236c054413b5d57a704309c4276e0c904956fdd6fb32469440bafeab1658b14d85f22bdcd7d1e645baeca5fd4fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
f514c025a0f56d6696fe94b9988a1a25

SHA1
179fcddb9602b40764c787c5698579ccd0a78793

SHA256
81095881b717684e4d2e9b1481e12b5ceee0863bf1b29cf1d306e176f7f071b8

SHA512
9e7fc9fe2708b2f33762d7eff147349339981a0324b7117157b1b5b8495f8ee77bc523513d97971c4784f71efd1cec504be0689818249a0c5c0237036faea332

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
72d4578dba71e3a53a8dd6b10f102be0

SHA1
402d479f75010b0908913f98b7b4664bc1d1d0e7

SHA256
ab517bd710fc32df71e27a6673b7cea5793af41084bd02b24d265b7922bb4eea

SHA512
af3502899b24b6dbd9c2411254d8a26fbec383c106da72dbc465053625bedc6f53f90a830f5f88dc1c8f69d308fc6e65676067f40c321a27390538bcde327f8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
8c01cacb206589af0a53cf25b87b2c34

SHA1
9ae215d434df140352bddc1a925b3fbfd0dc1e7d

SHA256
2d045bd085093966ac151ec39ba3338c0079459b719e2d78b6afe38950194267

SHA512
0f2a6fb65ff22fa91cfd74869ba93f75f4e31eb584c9028afc1cf5b0f4ea38fd30c694e24ca241f2a08d21656996854748a7f3bbeaba52cdb0eca35e7d4404ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57c39e.TMP

Filesize
1KB

MD5
9a6b0d1805de190941db111fa11e8d18

SHA1
8e231d787dcda542e5d956a6284a1ef74b5c9ced

SHA256
2e6ee20b184f1db9daa6d2fdff54b56b44ca39a35236ae3a8d5cffb1c0853a7c

SHA512
ac27acde89ed15107d1d936808492f38042a72896d4459975776156d6fe8c61aa09051dc5f97432ae312dc3668c2513660531276bc982326a61a3d386a86f4d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
e2050d0f1cdc4171e8417caee46104bb

SHA1
c35593f32c45a0d216f81081c9316ab39566a315

SHA256
17dc610a3b867a7558b2577ad35b2d27322ed7cc2934c4745ce91bdc1da64444

SHA512
3dd354499a7b7f2c53d0e9b860271e30fe50eeff6ec3915424df765c9c508c61c25e994110af3661902ba565a059e8abe76340d0197bca36741fb533eec7f0de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
4b986d180dceae153c4b58f8f7a36312

SHA1
60dc318dfc0a62f9e1d1dd7a86f6e0689a3bca66

SHA256
321958c361798ce66cd98482f154d6d28654ee1f31732452c0d3541067f9d1b6

SHA512
3077e9ee1d200ffce4ca0b99f45bcf66092e029328121b1b39d39e208ca0b9e65ab4e33d6ced82a64929cea59d06af4af43c277994e6ec90f54b9f42dfd41326

Download Submit