Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://plump-paperb...

windows7-x64

1

https://plump-paperb...

windows10-2004-x64

1

Resubmissions

12-01-2024 20:40

240112-zgbjcsehgm 1

12-01-2024 20:30

240112-y946psehbp 1

Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-01-2024 20:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://plump-paperback-d30.notion.site/Roberto-Tomassini-ba4de666e1f84999a6ead74d7fc05836

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 17 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://plump-paperback-d30.notion.site/Roberto-Tomassini-ba4de666e1f84999a6ead74d7fc05836
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4156
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaed2146f8,0x7ffaed214708,0x7ffaed214718
      2⤵
        PID:1052
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
        2⤵
          PID:1900
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:2144
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2824 /prefetch:8
          2⤵
            PID:5044
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
            2⤵
              PID:2428
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
              2⤵
                PID:4344
              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5612 /prefetch:8
                2⤵
                  PID:3936
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5612 /prefetch:8
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:2452
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5196 /prefetch:1
                  2⤵
                    PID:1876
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
                    2⤵
                      PID:332
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5668 /prefetch:1
                      2⤵
                        PID:1836
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3504 /prefetch:1
                        2⤵
                          PID:4052
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1644 /prefetch:1
                          2⤵
                            PID:5784
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4692 /prefetch:1
                            2⤵
                              PID:5908
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4120 /prefetch:1
                              2⤵
                                PID:5920
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:1
                                2⤵
                                  PID:6096
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3024 /prefetch:1
                                  2⤵
                                    PID:1708
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
                                    2⤵
                                      PID:2012
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4732 /prefetch:2
                                      2⤵
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:3500
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4860 /prefetch:1
                                      2⤵
                                        PID:2092
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1256 /prefetch:1
                                        2⤵
                                          PID:5428
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5184 /prefetch:1
                                          2⤵
                                            PID:4812
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5976 /prefetch:1
                                            2⤵
                                              PID:1700
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16159806515026641621,10197784499960438783,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4956 /prefetch:1
                                              2⤵
                                                PID:3252
                                            • C:\Windows\System32\CompPkgSrv.exe
                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                              1⤵
                                                PID:1172
                                              • C:\Windows\System32\CompPkgSrv.exe
                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                1⤵
                                                  PID:1508

                                                Network

                                                MITRE ATT&CK Enterprise v15

                                                Replay Monitor

                                                Loading Replay Monitor...

                                                Downloads

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                  Filesize

                                                  152B

                                                  MD5

                                                  5e77545b7e1c504b2f5ce7c5cc2ce1fe

                                                  SHA1

                                                  d81a6af13cf31fa410b85471e4509124ebeaff7e

                                                  SHA256

                                                  cbb617cd6cde793f367df016b200d35ce3c521ab901bbcb52928576bb180bc11

                                                  SHA512

                                                  cbc65c61334a8b18ece79acdb30a4af80aa9448c3edc3902b00eb48fd5038bf6013d1f3f6436c1bcb637e78c485ae8e352839ca3c9ddf7e45b3b82d23b0e6e37

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                  Filesize

                                                  2KB

                                                  MD5

                                                  bfbde2b7eb55ff829b02547631bcc518

                                                  SHA1

                                                  34700183ae53c26fe641f29ab278682173f2ab9e

                                                  SHA256

                                                  8d24708ae12df27fcf2c9330d7013f11503de392e315383f627f012f903db44f

                                                  SHA512

                                                  fa16d6c6ada22584c97e1b2a1848cc22a85af6b04639be0f090e50404d3489d37cc70dbf0dfd0fcee5803a2bcdbe0c9173eab33db8ffd3da7ea7379524fa33bc

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                  Filesize

                                                  2KB

                                                  MD5

                                                  7241adf75eac3915ec8e0d75377f7ecf

                                                  SHA1

                                                  99b8738995964affb14fb466c77010d2a30e758c

                                                  SHA256

                                                  f7486554d85dd691cd5c69e51051a021f5438de4f2de5c73818b0ea27d7b5a58

                                                  SHA512

                                                  36c4370e3293c333b4e3f9446e62d220b2e159c0755eb6e1c3ba3e7b15240b28b80a4289b759d5b881bb2c62edcda1a6398227bfb9ff3e289b256081934cfead

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                  Filesize

                                                  111B

                                                  MD5

                                                  285252a2f6327d41eab203dc2f402c67

                                                  SHA1

                                                  acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

                                                  SHA256

                                                  5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

                                                  SHA512

                                                  11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                  Filesize

                                                  915B

                                                  MD5

                                                  005d4190d80743ce19cefc3e86daa154

                                                  SHA1

                                                  90a57b7e500aaf40a0413ba1b6e5ef5d8f6b790e

                                                  SHA256

                                                  f108130bc2b65370d072d2a4af30ddb5940d0e1c7272fd4672eaa1e78d0b3ada

                                                  SHA512

                                                  69cadcc7501aea4c184318f0a49688931dea745d0574c592f636ff46ea3dc79e4ee5320dd27a88fd0771e1dc1fe35b386b2bf52d185d9a3705aca73961ea0963

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                  Filesize

                                                  5KB

                                                  MD5

                                                  5538c5ce4afc4ac969a498068d78f65b

                                                  SHA1

                                                  5e4099869415bd4ba61f2f7bee662e7451bbb1ed

                                                  SHA256

                                                  264620770a26a777e6f2730787355bee7c1a4cde098fb2400bf987c2cc3b9c70

                                                  SHA512

                                                  eace667eaf4f85eab372c7fe5e6c67fdcc39fe289c10fb579149a3c3254c91dfe30945a74af6890c012453921eb5e97308bc6f9b8bf353d6128581ea6e1bbc9d

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                  Filesize

                                                  5KB

                                                  MD5

                                                  9c3e90ce9b245bb552a8d4604f42a5c5

                                                  SHA1

                                                  357a80156caeafa6e6523fd90b581d7eca0dbf81

                                                  SHA256

                                                  deb1d9e57fb86b5e764499aae3893969fa63ca3f137dc0f2560983d7f1a90ce2

                                                  SHA512

                                                  84b7ec807156a03a7c18af39938b7a445057864f0d1c452d32d25ab90d8d91bec279f8ca580999363ccc3a7e038e07952f4c05365b8a1b704af7d225a8612a2e

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                  Filesize

                                                  5KB

                                                  MD5

                                                  ae374c9a981e727bca3ddc4f1025b412

                                                  SHA1

                                                  82741b0943aac3116bd870c75c12d035f392ddd1

                                                  SHA256

                                                  9f74d8f2b5c669990d8ae3d53d5716f202831edad02a053ff71ccef1a0181467

                                                  SHA512

                                                  2aaee6474d41f573644e53d2a64195586ab5d20f00d478b0bccc330ced6fa996abe22fe5f93cce89d4836d18ee0ffe29d830af4ab5c53dc63a965dec10761896

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
                                                  Filesize

                                                  24KB

                                                  MD5

                                                  6db2d2ceb22a030bd1caa72b32cfbf98

                                                  SHA1

                                                  fe50f35e60f88624a28b93b8a76be1377957618b

                                                  SHA256

                                                  7b22b0b16088ab7f7d6f938d7cfe9ae807856662ce3a63e7de6c8107186853e4

                                                  SHA512

                                                  d5a67a394003f559c98e1a1e9e31c2d473d04cc075b08bb0aab115ce42744da536895df2cec73fa54fc36f38d38e4906680cfacfbf4698ee925f1609fbb07912

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                  Filesize

                                                  704B

                                                  MD5

                                                  ccc221160fa60a280bbfdea39feea1d1

                                                  SHA1

                                                  ca7cae679aef29f7f070a2f4f90a4fe2468ee4e9

                                                  SHA256

                                                  36bb8a86a91e7428496e268610395e4caaccebb60cd72665efe6991d3049653d

                                                  SHA512

                                                  9d57cc0a21ad6f730b160794295b5f6ba8902118563a4e33f67115798a367cd0f201f9f84c30753a953f5c9872c68895971f2a0ddb8cf85012731b798fcd7aaf

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                  Filesize

                                                  704B

                                                  MD5

                                                  7067411ffed2cb2278bf8aea4ce2bbfc

                                                  SHA1

                                                  fa16c23afad674cf43906584d42aca40c5234d41

                                                  SHA256

                                                  78a42de4839792492287eb2a2b8024e889765e6165ddb1027b854dbfe285fdd2

                                                  SHA512

                                                  3b695015ba2fb0e4a42f2814da0d05a394729eac4920ed09dfad013a8423b4d38fea21a6f19de1225a95b3088e8cef8c08e0abbef1c15ae260230fdab7bb735d

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                  Filesize

                                                  704B

                                                  MD5

                                                  eff92b2db53dcea5662159bf482b8708

                                                  SHA1

                                                  f821a70fc766c59412ca601bc1bb0e1739410534

                                                  SHA256

                                                  aa599a673850885618ebc1e593bea0b121269ad1ad5998a76023c0ea36f9f0fb

                                                  SHA512

                                                  46abb35661bf58eeadafaa4e266022e14e59eebb8db668502a7bf7e6179caa3dff4d63db4f076a6087c7f6e403ecc177ea5bb641354f2fc252221d8364e7c4e8

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                  Filesize

                                                  871B

                                                  MD5

                                                  ec683bb1b15107644c161199920fe2f4

                                                  SHA1

                                                  146beefce9a12061e2a8ebfbd532e951333c9b35

                                                  SHA256

                                                  2f8d9eee37a65a2ab59485cfbe02f09dab0a0efae18b5824eb77ac7610185133

                                                  SHA512

                                                  4ea92fbde126f02f08d1d43cb4a90eb4f43209382b7c9d66dc874ee6c97e475c3eaa979dad7b193725fd771fe7fb2a6bd30ea44f1d6e82ca9d9b8d4c0ac34c96

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5799de.TMP
                                                  Filesize

                                                  704B

                                                  MD5

                                                  7fd05b75b4a1e08afe354c8d7320b7de

                                                  SHA1

                                                  92b9095cb3cd6eec9a2adde683875d778a2add08

                                                  SHA256

                                                  de4ff1d6bdb12b0a6e36cf8e5f2b140e88823737c94b2cb78f8764884142fe55

                                                  SHA512

                                                  1fd374fb336203d8a2d3d4a1d27155f35e178fc170c2255f96ca5ca9aad266fcf1ec54c1a1697ddd33d51688c80693e7801d4a17b05c21bb244994eef6beee38

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                  Filesize

                                                  16B

                                                  MD5

                                                  6752a1d65b201c13b62ea44016eb221f

                                                  SHA1

                                                  58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                  SHA256

                                                  0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                  SHA512

                                                  9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                  Filesize

                                                  11KB

                                                  MD5

                                                  cf35a045864e8b3c6fd54d441ec99d34

                                                  SHA1

                                                  0e67846bab91edac7eea8957b93ce28c872617a0

                                                  SHA256

                                                  1c08e11dd1e8eb58497fe467d310c980c6e5b4376636ae221553a9ff8a396868

                                                  SHA512

                                                  4915c71729887642e2e8ae6e0b71d2a3c825a33dd48f732771b7f70ff20aaf9fe6e6bda46eeef0245288581d22bca8f74a2b6d91a6f086344f6253edcb4b3ea0

                                                  Download Submit