50680941e241dd09be575bcd3dda30b07b253d4105325a438bfc1e0da6698d49

Resubmissions

28/01/2024, 02:53

240128-dddcwsbefq 1

28/01/2024, 02:51

240128-db5z5ahga3 1

28/01/2024, 02:46

240128-c9cwkahfd2 1

Analysis

max time kernel
210s
max time network
215s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
28/01/2024, 02:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

s4gye.html
Size

5KB
MD5

bc43ad2d94c3c0d6ca87beadd27f203c
SHA1

359a229ba06cce155f4dcaa591035de1c1383998
SHA256

50680941e241dd09be575bcd3dda30b07b253d4105325a438bfc1e0da6698d49
SHA512

1762fc3c108570a88534a743589f3ba2a93274d0d2fb5986f9df7009860db54308cff1bedc0db39c8b18bb5dff53041a617a209e1ea22447b67f2706e40ea06c
SSDEEP

96:jMJvdJC76O/sP98S/thxGkpAqcW0nzSLY87hliM0q+6h3NKAE4mX6oqb:6vdJq6O/wF/tikpqnzSLY87fiM0L6hXX

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies Internet Explorer settings 1 TTPs 41 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{717A0A80-BD87-11EE-9A4E-4E55496B34AD} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.19041.546\"hypervisor=\"No Hypervisor (No SLAT)\""	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "2"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\Software\Microsoft\Internet Explorer\IESettingSync	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\Software\Microsoft\Internet Explorer\VersionManager	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000c47f1af20644814589e7a32def35942f000000000200000000001066000000010000200000009ebb1c4d3981c62df7eaa9ea18fd437adb4301d4b4c6d29143fc0e7d77f030fa000000000e800000000200002000000041690532d70d0ca689d5ac4de60ea126e060a9a18e06585a2d83e07ff5beba19200000001d18ba170919d50ef2e03c3d4480abaa578eeefd32a159dec0e7468dac39667a40000000b164557af12a23aa51fd6fdd46f65af0a545fe791cb187ddf85fa43af6bfdc625834aec0b90cbfcae02c5f257d81856852aa697fa7b1f46483e54dd5a6907fba	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\FileNames\	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\Software\Microsoft\Internet Explorer\GPU	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLHighDateTime = "50"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "1181799426"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31084948"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000c47f1af20644814589e7a32def35942f00000000020000000000106600000001000020000000c49afdc20ca2e069bbeaff6aa9b038817e91741aeef511cf3823a9e73295b3e4000000000e8000000002000020000000b8b2bc32a279c31665a5c1571af87846fece0816a5282b212ff2bcefb43dd0d3200000007ece2dccd103cbaa31f9edd29c08b80cdfb56ef20722c76245616a93b63faf6440000000e921cc55021de67d96ce3a758c2804cf2d2d6799798d0a73021180e712cb91874e124b9ab7ef647c5fc12cc1a7794600ebc7c1e47060bdc8de90dbfd3057edf3	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "413174967"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\Software\Microsoft\Internet Explorer\VersionManager	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLLowDateTime = "1251635200"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "1174298614"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31084948"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\en-US = "en-US.1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 60b535489451da01	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31084948"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 803f2c489451da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "1174298614"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\	iexplore.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1815711207-1844170477-3539718864-1000\{574D5BE1-8FFF-4EA7-82B4-0F77CB3B5AB7}	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
4876	msedge.exe
4876	msedge.exe
4504	msedge.exe
4504	msedge.exe
2736	identity_helper.exe
2736	identity_helper.exe
3032	msedge.exe
3032	msedge.exe
3680	msedge.exe
3680	msedge.exe
3680	msedge.exe
3680	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 16 IoCs

pid	Process
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2348	iexplore.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe
4504	msedge.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2348	iexplore.exe
2348	iexplore.exe
1728	IEXPLORE.EXE
1728	IEXPLORE.EXE
1728	IEXPLORE.EXE
1728	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2348 wrote to memory of 1728	2348	iexplore.exe	84
PID 2348 wrote to memory of 1728	2348	iexplore.exe	84
PID 2348 wrote to memory of 1728	2348	iexplore.exe	84
PID 4504 wrote to memory of 3592	4504	msedge.exe	99
PID 4504 wrote to memory of 3592	4504	msedge.exe	99
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 2020	4504	msedge.exe	100
PID 4504 wrote to memory of 4876	4504	msedge.exe	101
PID 4504 wrote to memory of 4876	4504	msedge.exe	101
PID 4504 wrote to memory of 4880	4504	msedge.exe	102
PID 4504 wrote to memory of 4880	4504	msedge.exe	102
PID 4504 wrote to memory of 4880	4504	msedge.exe	102
PID 4504 wrote to memory of 4880	4504	msedge.exe	102
PID 4504 wrote to memory of 4880	4504	msedge.exe	102
PID 4504 wrote to memory of 4880	4504	msedge.exe	102
PID 4504 wrote to memory of 4880	4504	msedge.exe	102
PID 4504 wrote to memory of 4880	4504	msedge.exe	102
PID 4504 wrote to memory of 4880	4504	msedge.exe	102
PID 4504 wrote to memory of 4880	4504	msedge.exe	102
PID 4504 wrote to memory of 4880	4504	msedge.exe	102
PID 4504 wrote to memory of 4880	4504	msedge.exe	102
PID 4504 wrote to memory of 4880	4504	msedge.exe	102
PID 4504 wrote to memory of 4880	4504	msedge.exe	102
PID 4504 wrote to memory of 4880	4504	msedge.exe	102
PID 4504 wrote to memory of 4880	4504	msedge.exe	102
PID 4504 wrote to memory of 4880	4504	msedge.exe	102

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\s4gye.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2348
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2348 CREDAT:17410 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:1728

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff916b246f8,0x7ff916b24708,0x7ff916b24718
  2⤵
  PID:3592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
  2⤵
  PID:2020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2328 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2920 /prefetch:8
  2⤵
  PID:4880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
  2⤵
  PID:4776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:2200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4952 /prefetch:1
  2⤵
  PID:4404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4912 /prefetch:1
  2⤵
  PID:1684
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5408 /prefetch:8
  2⤵
  PID:2332
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5408 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
  2⤵
  PID:1408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1
  2⤵
  PID:2168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5804 /prefetch:1
  2⤵
  PID:3152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1984 /prefetch:1
  2⤵
  PID:1408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1
  2⤵
  PID:4620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2824 /prefetch:8
  2⤵
  PID:3148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=2536 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:3032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5880 /prefetch:1
  2⤵
  PID:4204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4868 /prefetch:1
  2⤵
  PID:4816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5080 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3844 /prefetch:1
  2⤵
  PID:1360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4716 /prefetch:1
  2⤵
  PID:4352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
  2⤵
  PID:4176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6176 /prefetch:1
  2⤵
  PID:4776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8035476783927709809,1734368137091949102,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6468 /prefetch:1
  2⤵
  PID:960

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:792

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3612

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
1KB

MD5
b40baee421e93a6145908f67787a291a

SHA1
311874de97781222e06810a295e2f78a67b84f81

SHA256
25d9d82b04a8a02ccdf9e5980ff2749edcae335faf854d05e24a4a42b35bfa17

SHA512
77ceb1d112977f51b89484cbf29c7e299b9e44ba8e8f3daba20cfc71782b2cb1de99c58aaeae4f9741cb13a7389743863927cec42036666e3acf980be2cfd935

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

Filesize
471B

MD5
55adff48fbcd7763c70a0d51d485d24f

SHA1
8ba66cb09d8e16d22c35931083d443155d3a04fa

SHA256
801c05af90120efdf31e4dfdcc5e7f2b76b9ca0e0746f58fdf12bf99287d8aca

SHA512
a3151d562469fd2412c237bb5646bb214a9a9f8664be4eb48fdf704d9710872e41947669f770ac74d9d1eb5d6ea5953e40cc5a85d57e56fc82708341154eee7b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\80237EE4964FC9C409AAF55BF996A292_C0427F5F77D9B3A439FC620EDAAB6177

Filesize
471B

MD5
f239c28141b9e3b11b4bc748e3bf36d4

SHA1
1dc5e4f48366f9d21d1c7541b1f284437376297f

SHA256
0413ce38a5e1f42e8c3593851485cd7f0f1f0401411c7704f6c161d1b2e462fe

SHA512
31034739ec7eb3beea34c22dc6b808d42bd7497aa7bab49126991f9eb7e02a1dce67d12230b0d63d417974246929f87d5b70a3531c77a8da91c04499165af475

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

Filesize
724B

MD5
ac89a852c2aaa3d389b2d2dd312ad367

SHA1
8f421dd6493c61dbda6b839e2debb7b50a20c930

SHA256
0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45

SHA512
c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F2DDCD2B5F37625B82E81F4976CEE400_5708FFEAC0157D1BFA4AC2BAD862754D

Filesize
472B

MD5
9b546363c06827b1132bcc40a9e806ba

SHA1
ef8fff852952c40d98789a8f8fe51d7ff3057069

SHA256
263c128feb1b46f1a6518fecefc6fb2f9dfadf0f55eeb606b51ab8c405366d6f

SHA512
0ca519f798f4ee94b4745d22262ecde31bd46fb81b5931f1e60c4300a0a5bc9712d4e07007e49749288b6a55e62e7ba03f14583a57b1ad788deecd2d3f017656

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
410B

MD5
85027ad2f5dce1189978f2f7595f686c

SHA1
86fcefd308024ecb7c19f713f4b1400842d15b3e

SHA256
e82091fa57a52ac3456661397c1fe5ba839480dbce9189e4d41cc4315f23a052

SHA512
12185336b08f3e15345aa28dcb42908b03400a9488869dfe9a7cae795f968b8127808d00366678014383bbe90c3c851a647ecbaa09d8c18f9f069c3c093bde78

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

Filesize
404B

MD5
2d2a2e404ceea72535c74d7c048440a7

SHA1
92ca5a5dd79db1ecafa8be59f4abd49096cc04d7

SHA256
d66ef9c5f35427795ef47c918a2ca23907cb0a80d066c067dd32906a446feb1f

SHA512
9bb5540c689a35788b0bf9d6251781641e55a4dac1c87248f897f675846b6af2caec7304f273d4fc81f185f935e96bdba0b6d0de4a5203173f8295b04b8139f5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\80237EE4964FC9C409AAF55BF996A292_C0427F5F77D9B3A439FC620EDAAB6177

Filesize
412B

MD5
f3a7ede489d422f308ec81cfddf452a5

SHA1
d706c6ad17faf24098c058c184bdd2607573e542

SHA256
4252c88ce640998f3d07066cfbeb799bfcc9a3da1cd9138c9b7a0c4bf140de07

SHA512
fa704a809396859973e0b7efe6debd4cf8fcca56b457831694580cecfb557ec2b5c72b95184d7875d32aa4d7472003e620194390e17caddd2dff6e7f442a5f38

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

Filesize
392B

MD5
6fbe8d3e0e825b519c0d9e1c392ce974

SHA1
b408ae9c5de3877b51f0e55c0d01fdc72b5caa9c

SHA256
d50bfec713f02696017e9e18dc9724364a034df378b92523140e79b38c0d4c13

SHA512
c8c1851bfeb4140b0b25fe2dfa42826a3ed457c4dc54c90fa5cdbe90bbd91cf338e5e60531d2f7ac64f531c857589ac171c23801ff95ce163bf6c99976c04a51

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F2DDCD2B5F37625B82E81F4976CEE400_5708FFEAC0157D1BFA4AC2BAD862754D

Filesize
402B

MD5
e4201b94cc03d857f4da8b8a879043c4

SHA1
8ed41adbde4b6ee4bddd0192cdc6ad47412a6c0d

SHA256
09ecb6d017f7a4c615680fe9c4d5a7c499ced3d444e5c4b17711ece30a558e1a

SHA512
5759b68d05574fcb9d77ebd817a3445ce30023a5b7501af1c82647abd52ed29c0ae9123c7e683168ca2979ce6499d837866ad0340c70112efe393f06a330bd1e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d5564ccbd62bac229941d2812fc4bfba

SHA1
0483f8496225a0f2ca0d2151fab40e8f4f61ab6d

SHA256
d259ff04090cbde3b87a54554d6e2b8a33ba81e9483acbbe3e6bad15cbde4921

SHA512
300cda7933e8af577bdc1b20e6d4279d1e418cdb0571c928b1568bfea3c231ba632ccb67313ae73ddeae5586d85db95caffaedd23e973d437f8496a8c5a15025

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
64KB

MD5
d6b36c7d4b06f140f860ddc91a4c659c

SHA1
ccf16571637b8d3e4c9423688c5bd06167bfb9e9

SHA256
34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92

SHA512
2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
26KB

MD5
3e0b6ca2a9c26aee04addb4e37017867

SHA1
11b12d8fef7194baabf0834f735cb1a6d191084c

SHA256
8ec21e2b87437b72a175f87cd246015a81fce8a77e3aece36cd98978ff0a9a9d

SHA512
ea35dd4c638e8549f6692cb615f34c053a04969c403bf682ef16b3d1bdb554dac4f47b17a66e8f7278e5fd52af51382d3dc92e34d17e36b63f4d24719a58a425

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
19KB

MD5
2e86a72f4e82614cd4842950d2e0a716

SHA1
d7b4ee0c9af735d098bff474632fc2c0113e0b9c

SHA256
c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

SHA512
7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
67KB

MD5
bea64c447b0f2a1012d0ede8e09e700d

SHA1
03c4e014a1ed074ed2611b5889ed79b6f1ed8aa6

SHA256
34dcdd7a5b57897d1eb1a2620ae5bc31d4b5d80e761e62fb8cd3c2a3b907241f

SHA512
ac1c4b495b990d8fad333f54d3e61d5573efb7a0c7c584659cea48be8d4857461bb011b1f2a4966cd714bb9252cc1750e8e53f2203418ca19fcc8143fdea6b76

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
65KB

MD5
56d57bc655526551f217536f19195495

SHA1
28b430886d1220855a805d78dc5d6414aeee6995

SHA256
f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4

SHA512
7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
84KB

MD5
74e33b4b54f4d1f3da06ab47c5936a13

SHA1
6e5976d593b6ee3dca3c4dbbb90071b76e1cd85c

SHA256
535fc48679c38decd459ad656bdd6914e539754265244d0cc7b1da6bddf3e287

SHA512
79218e8ee50484af968480ff9b211815c97c3f3035414e685aa5d15d9b4152682d87b66202339f212bf3b463a074bf7a4431107b50303f28e2eb4b17843991c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
1.1MB

MD5
fdc479da91ca92fb15ce23b847171962

SHA1
e096d0f96fd8806069af0a22110d44a4cd21421f

SHA256
7f790aacd2c2c295d6c7cf4177233bd90c07d951dba3f68e42c05c566209593c

SHA512
c50be621c38991a09a629f8a7c4a8c3a9c8947cf71b6dcd5a99fcbe16ed66b0d433d208120d0dd235d344bb4d70310576bbbdc012cfdac30f62c904e3418c230

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
33KB

MD5
3cd0f2f60ab620c7be0c2c3dbf2cda97

SHA1
47fad82bfa9a32d578c0c84aed2840c55bd27bfb

SHA256
29a3b99e23b07099e1d2a3c0b4cff458a2eba2519f4654c26cf22d03f149e36b

SHA512
ef6e3bbd7e03be8e514936bcb0b5a59b4cf4e677ad24d6d2dfca8c1ec95f134ae37f2042d8bf9a0e343b68bff98a0fd748503f35d5e9d42cdaa1dc283dec89fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
74KB

MD5
bc9faa8bb6aae687766b2db2e055a494

SHA1
34b2395d1b6908afcd60f92cdd8e7153939191e4

SHA256
4a725d21a3c98f0b9c5763b0a0796818d341579817af762448e1be522bc574ed

SHA512
621386935230595c3a00b9c53ea25daa78c2823d32085e22363dc438150f1cb6b3d50be5c58665886fac2286ae63bf1f62c8803cb38a0cac201c82ee2db975c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
34KB

MD5
fb6b7a73ab11d7bfc518ad2b42559b3b

SHA1
99d27d784769f2435cb3000c698965f84c27f77a

SHA256
c2cead240b116a6b8c5b4b8c8b47d172deed8bb68759d8c8da1932e4748d68fa

SHA512
64e92cdce311310ea96ad1ff68f3c6eb4694b93eb48e98e9eee8c8a3f29c04642599af695068de2c02b1e59d6e2736301b7410a9bd977874a9c2800819ddade4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0580a8e1646d7bcd_0

Filesize
42KB

MD5
8c8292b617b5783c270cae689962b186

SHA1
dfe818027cbcb8bf14677b775a8eb2e24c6117b8

SHA256
3eac67e86d19e7d3ba9f0f4446e2271c2997f08efee6e30334f52d82628a1fc8

SHA512
78fba7b19f353ff29ecb4d73b43d7ad908cf9101a259927c59c7de131c90cf4d6d8ebb7af10001b145906a8fd1d412cab40adcc0f77a5c307fd1106e0c248f2c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\06450eb6a7b09545_0

Filesize
2KB

MD5
444564883b58568ed1418b13d3144021

SHA1
2916fa44f9cb7adc8efd6cee00a00aab426ed499

SHA256
faea405bafa62242cb597915a36a814e98c89dc82a97a673f3f8d6818f32f9b7

SHA512
8419fefb128acadb8b0dd20246558b4fd38f6d00a245815308a01ad43bb6a410834b067b3364586949212f639b8c18242f6098261ea1e58d71f1fec616b0186b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0b29a005a3f64fe9_0

Filesize
2KB

MD5
4d2bc7e6eb9951cd25c1843561f052ea

SHA1
a369d419e9219d3f9f1380c052584726a5bf01d8

SHA256
d21c7962aa9ce1ebd9f03103dc35302f5e05b5a05d11dd8de4b08363a3800960

SHA512
d2f0ad04822832b28152d3ec2cd39629837c8bb036a3d761d4595a27ac2d47256c9335bde5c524c3798e2eb498f12fbe53d742cf3256a96fd758a2695ef8983b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4319af450fc4dfda_0

Filesize
34KB

MD5
2a0d2c42cd27486b08c5366e108e449f

SHA1
e1cdb22410684724c17f01c29ae1395a13224299

SHA256
086b5ab04488b8bf380daeb4ddc2f6900de462686baef3e6ee928abafaa656b9

SHA512
c5a5ddcac6f7a599ca41ed176a2c75b3b7245f45170ab64c85b9e1740ff0b719160f5a3afbc7649724a190c07202334ffca9ae63dcf060b60f7addac5fc089d7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\43604d2a195c1916_0

Filesize
2KB

MD5
3dc2ced1b722ac35a4804761bc9fa9e4

SHA1
8ccf2ce723869c680de00c97c3ad958c1b8d02e6

SHA256
026c11b1853357b89ce56c8d79999d4f7c0ea6fd44713e2f6d430d198bb4759c

SHA512
f1072bb40170aef4b57b8754aa50f8cfdc1c29515b2081d553b2d677c1e28b02428582d1dbba9c94d66ced667ceb9ad829878efacacb34c48ce4d1ee985ed8f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0

Filesize
1KB

MD5
ac4eef692af7f8288aea225c1460c764

SHA1
98b32156b67834b63860f3bbe3515f1bbd6eef01

SHA256
b809ef980148573a9a200abc70118bd8e907b045fa9323fcb11af118020eca8c

SHA512
ac83a8524e207a02f34b64388302abe510fbb5f37af94cb0734b7a11627d899c96c5f28901fa1d55f3a1fb9bf6230c62e9e00c826bf059fa7689a53bb6fda5be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4b98a00375dc9cba_0

Filesize
289KB

MD5
8d9044f63814daf4b3989bb43710c9c2

SHA1
f72c2b16582f1fc2805d569ccc6b2ca0e3831004

SHA256
446750ef875fac1e43689458c054977918d0bbb2e98328fde7ca4aadd77cc66b

SHA512
1cb997f27fcd6384cf38f6ba492d99bdf68f3ec3357236371a704e31a76ddd246b8a7988fc273e850439b85557caf796d54cf2c07799aa3f4eeed72fe41abac3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4ba235c604b81924_0

Filesize
4KB

MD5
6b940b5004c3b145558622239d7c39ac

SHA1
ebb8e81aaa2c64d4b7dbb278304ed3a560296b03

SHA256
750747a7325db9aa5adae4d9248dc4868a340dacb58428b9d4d76ce93bbca39f

SHA512
b5a0c38b91ff74134b48c35069a9fe5781d0945f63e48a967c5db04ada5eb1542597ec8038ce1570b4b437f690634dfd6e058a0c1b798aa554f1b61bc90675b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4c693273baa0190b_0

Filesize
10KB

MD5
5b0e60d9bf50497b920f4d2994c06bf1

SHA1
b21e281a465945cf2e23c19b91139afd97975985

SHA256
8eba3a573460c5025c806646acc66e36e1f4ffb6235405486454f9beb6889684

SHA512
4ce58425c44107a736061c20973dbb39f0ca37c09648a81384c83b9fa999c64846e0a69137857023a2b3b5858280b27021828f91098e60fb46406e14cea38ad6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0

Filesize
3KB

MD5
2e135bfbffebf36760728428076f2b46

SHA1
91d86ddfe7beacc8974b4f237496800f36b4624e

SHA256
9fd6ed5ccdf09bb2929c0424fa6a64a513ba1acacc6088749929816ac7684888

SHA512
e45689d6696c6b922a785a6cb2f10ed561afd1981e0c005f0325eee855ecc40b88f29cde9ce6f35ce7a42114ee43b8fcd844974896ab2016bc69aa78f2138a06

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5472a74b544006f8_0

Filesize
7KB

MD5
e6b3a86bc4767421e70325ecbfd44095

SHA1
ae72439463b4c2e9ec1bb452c3dc4cbf2de35ee1

SHA256
4fd35baadc9812c455a7bca67808e3bcb00dc19872668cb0912b0f3f34d88c93

SHA512
e23549df3e74a72e56f3a44038877b34fda6f17b01334a02c5703ca07dde0934fcc389c2788cd69554b0023914a22677b700d67b7a36b7364e1011624994c0f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6304fd6f9e3c8050_0

Filesize
2KB

MD5
d25e83d71d487c5fc6665332e13be353

SHA1
dab9ce3ce748ed89274182605ce4f600ae0bb683

SHA256
3dc36a29c8b71053aaa86daa331308fe0b0a17fe4eb7ae40c43999e643c5cc32

SHA512
7425c1805574150d12f7d9bccb7fa40a413447994cb6982148874a6518ebbdd4138dbc71510d1cfacba3c40d09ac70c09b97a400bc9de336bcea664450cb219c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\695c42f61090a800_0

Filesize
13KB

MD5
5fbebaf53968630398aaaf3202d92a2d

SHA1
60d893bc62b930a6a34ef3a17ed0bb5ef80d31c7

SHA256
3fa8390668ad791baeda4e902b3459e7c0ed7bef642227f9a37308b513842276

SHA512
0576dc095c06e9edd23e45c3f3b56ea4460b690546e9133e85da839e3e931e5003ab38618c5f022338de5a63db6c36f26ecb767d09afd66851e9358d9253443a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6a0703df20b370af_0

Filesize
3KB

MD5
d365970187b213129e51bb207d350a76

SHA1
adc6d85d42ff29ad6b6dabbcb7067eff0ae62314

SHA256
6ac6c703682e9c26d9be26ffcc36e3dfd904bb103b00e57c48c816a7d54f7f9c

SHA512
140552f4c2be39b23357ecd8da18d269657e82e9fef37c758178bfe4ea5832faf6c041f5d5758ae24cf672747149580259003edd5914f00fb9ac0b9026767a2d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\71da22abe269277d_0

Filesize
3KB

MD5
7e92d5fae0d014382a5b5992c0653e82

SHA1
cd4afca6ab1a88382b58642c07924b86057dca7e

SHA256
77d2e8f1fd9220ddfe5b95b2365d3dbcb34f65173c3d178d5067d648b4908ac7

SHA512
593bc4db229835fa444f78300f60a4cd70d2055c35421b0efe437fa60c0da9d41b104af326d9f66466e2a617566d3984267bfb8198fc699370a5f9a7f8543f52

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0

Filesize
2KB

MD5
4b26c5a39aedaabdb1e373f02e0cca7f

SHA1
f437827f9df47f899ccde1857336b3eab9109376

SHA256
9c6f36a58bded35861b022cd09ad43a94e4f5756d0ac80ab678d9af0a1ce6563

SHA512
f50f1d0d1d6154121089eb961e9bc910dfd016aadc347984ecdf76278fdd4c969d68f46639e29c88f01ee4c14bcd891d3df4b446e3d39d728eea61bd4a41bb57

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7d11df596af7121d_0

Filesize
3KB

MD5
bec00400e398f5fe1e9dd3869c6c9b41

SHA1
dbc9de5dfe54820c34fcb412996d88b7a8eab1dd

SHA256
258f84733ea850263a81d4cca6fbcd9d167d158e708384816c35739e39cf5971

SHA512
83f6510e83399990c7da60dd148a21d3ce927791bfdf6bafe0cfdb25664d28998dd1a81b6647aacbcd0dfa63972800ae151ff8f9f692eb383a42114ab6c8b550

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9412c8b664751f90_0

Filesize
2KB

MD5
f6f31775504d4a362b1d8fdac9ad600c

SHA1
062cc965bf94611858b8776934c562989a646ea0

SHA256
c998cc5e2d418e6d4c36ec7bcc850d449255f63695e6dc7b8a118cd234c98585

SHA512
dc7fb94c2cb8af87e506489faac49c383d6f4a7afe89358f46216023c8975e6c0d37698c0085b18ba5a8e2f22116ab8e75300f5158ddc96519cd6532894ff27d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\94ebe1630900d094_0

Filesize
20KB

MD5
8ebe2e6762a3531a3ed3da64e34302ce

SHA1
8519d5b17e2152b03e8c439f1b0e5134540dac76

SHA256
fe49d4875cf0518ee99cd662d0aaa33a8dc44b687f6a62f830fe9bc92db87936

SHA512
8734375bfd6a9a71b44e0f4d4923bddf1328d483cc20450cf0a6e6d49547d78a0d9768026faf6dce6c24c47024a3901c24b0eec0fe4eb1d7a61bb7e6de8f86d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\99355e6d825b2751_0

Filesize
2KB

MD5
064ad9512c44177c681a4e53766287ed

SHA1
06927121f582384d94e2f6a950bca6e315a8831b

SHA256
9509664ffd0d8d59a38f548bf34ff2cec2f7657f021643f8b9375ec645e80a13

SHA512
a3b98fc7561b41d55f0e43961ac3571cc26c5e7fe9f59dc2364b5a2952dcc846c77f257e9e84ebfe72b06b050f170ad244ade1551bc72e6df72ad52ef377baf9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a028a5872e884629_0

Filesize
5KB

MD5
911a1cc0d6e88e88afbd232fc661876a

SHA1
b2889932b6a595d5bdf332a1184945a2a6d15181

SHA256
d08787d3d2d098fdb7a63ee28c889336e012fed312a3b1c39a93679f1fe587fd

SHA512
afd5c1cdab35629cdff6501df934904451d9384abfe3e5f37f856dd7936d1dadbdf67ee463895de9fac88f6f9496024bb67d1b65a48995088c7d8685fc5c2c28

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\afdc28b58bf8c2c2_0

Filesize
4KB

MD5
f907b101d1ebbc73a0c916c8b4e59678

SHA1
5b5dbdb52eb9528a88717673d77285e3254e2e9c

SHA256
607f9526ddd12024ec6a7b5587017267b124f2d2938a4fc564fc1a864e3d9066

SHA512
e3e902859f6c135be14a488cdc189eb38a0b77f70302bba2d152b0048053f1fe84d2e6af4493193b7138e87de181420cc5ead3267234f56d8c5d2ceb1f06842f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d7a29efad91a1117_0

Filesize
262B

MD5
ec39f8c86cc861959610e181072f4522

SHA1
28dbaa8d62cdc66996b47ceb43af6fd76afeaee0

SHA256
03b0263b46bd4f24c463d74a9d39fa062adbc82b23761350e71e24f86565cd59

SHA512
a834693ac2e34ec88ff7b8cc2e45a492ad9e12425ddc8a57f57b4c031c9c1bd4f7e2717cac24cd0194f96a3389c17ca42232781ee2e7aaf9c754e6b3c08c1e15

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e3c673e63fc243a1_0

Filesize
2KB

MD5
cef900cce2dcf7befebb2d6666fb2ed3

SHA1
a2b05281f940cb71b27fbe35669391be3742e57f

SHA256
1adf2e6295ab826c60598764fe33fff24cba0a41173b7bbccc892bddb6dfbe02

SHA512
33de3f55721924c3e8930a6055b069ea0c08423c2db199fcf0318acc36488105f22fdf90bf362073e105f6e72047e377222ffbc6ec4c77b038a1f8a6c5a7bd95

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ef189c55bb899fd8_0

Filesize
3KB

MD5
31cc053e4fc35851564b74e12656feb7

SHA1
c5c1ec42a3d2c5449909efb858876a8e4b40ad3d

SHA256
a9cd1ba77ab8607014913a95d0513cc66b2607c17aef75178d1653fe09b843f3

SHA512
8bb9608e335050f5867e6a0fe04b1452206eba808d078f3e0fefc0fc3d69690507eb75296cf992680f2c92b156d951c21ab9f54a8c59bcc2ee9eff5a2e04924f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f7dd968ace5a467f_0

Filesize
22KB

MD5
d399c60a6e83a9f4944198638e347c5b

SHA1
00fc3a6e33036fde3d9c0de5ba9332d939badb5b

SHA256
e868603c732f8017c6ecfedb51d0e5688dc15e004892c4a300e1ff7cbbe25213

SHA512
135914ccabe7c8fb43a81f261b22847299cbc8d29654a5ce7177ef761b7e86643acea550d6aed74c1d02c4694456262aaf72f5800323eacb2f67496c09dcf900

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f89251fac2b69325_0

Filesize
3KB

MD5
e5ac97a9be5e7efeb2a47998636936e8

SHA1
448fc0530471d1fabbdc827ce4036e0aa4c44411

SHA256
983723ab4103eec0844b99ced7354ea5de565bca0f191da1d7933bf3315a5954

SHA512
15c8d1291be2513357eb405fdbe9dbb081bee775d402676c4adbc299bac60cc825c2ee28227dd93ddb5ec4b9129b4fa9800c473b3314491e802c48a25b6c2487

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
481B

MD5
4ca1f397f1d5f2265f8d54c6b156eb9d

SHA1
dabf7df7bb2fca0d060ed5bc9c303347a14f9b00

SHA256
42e0668485c22385c208f063d1fd345bb7109be23d8a62ae119df6b516d94f19

SHA512
96b3a3f5909d259ae686e37a0c132dc6af785609024acd58dd21223a015c451e62eb6c40989631b6e3a44dc15162eddcbe72b6c9ddd113ea8094a75ef57e3b3b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
6905bb56351eb70463612112643af910

SHA1
a573c4163bdfcf6ed52f800c19e9bb542dad313b

SHA256
fffa4ee4cbc9f8ccf84523c0e488fe1d92922f390de0bece1c2127a385ddccab

SHA512
d6b57253f265f74da45b9aa227d88b16327395b5ec13bba66f37e0bf6faf1bcb829fb47f9ef348916913230900aa58f5b438bd9c7833440bcecd3bd7fd9a207c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c17eaa63bfc9fcc5fb9dea50386ff5c5

SHA1
e667ce39c50434a3072b7870b26a763bf3c406c4

SHA256
fc4204233dc6095b29ff5b3402b19c4191ff7fd396cf1589864d1f8f5dcdb940

SHA512
3b2bd486bba75eb2eb01079b57a836ee98cf219b7807c147d3a158ee072d1fddaa619fc94b1ebf8f8f4b90df454a79fad1f08d8b7fd76844109fedee09040fa6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
a1a29ecb8f2eb1be36e2edf52fcd3d54

SHA1
7f34476f88e78e835d0fd1656d657cb31e156747

SHA256
b10b3b34ec4cc03f2f5b1b83f497b5d101ea68d04be49312cdd1eddad15c6809

SHA512
0d9a5d4db97d89fe6bd80527cd08922498b76d61948ce282ef666f9635864f228eeec27a129096fd4e9eca1aca3b1e68f7b0599097de2f2ff51ef84699b2fc05

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
646dbe28c7941e61401fe48f257f3946

SHA1
9f004240850b560342cd5b1395d0c45166cb5c3f

SHA256
fce7979b526e5cde0c56e7467afcd0c12a0c615bffd860d568aca4370ce5166c

SHA512
43f39e76cafc5ca16230be68e669ba3179aca4c9571d94d1d4123afb4967b51974b61855a9089bbe9cd42a0fd1b29b3d8173ac4ae6a80f44ee2166e508482278

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
fec462c368caf4fe2e3e39f20fa885ca

SHA1
36321f41a838f35f48a30fd6b0bb79882e6ddc4d

SHA256
24aad2e74860f40242114373dcdc7899f4cabd7f03a0d30b86962345eda3ae01

SHA512
40a282bee29deb79a4bcdd8f3183dda0353d3029b68f007aabf256a8cca058c595c19448477323a1e96ebed63dd3680e957725c30f5670a8932e4925e85bf2d0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3c406682914ab05f45d51c92d95c9ab5

SHA1
fae51e5dec3b9fb7ee08dfb068e89a9c4480e5b3

SHA256
fad56b15d422c8182a0c0822dd0d5ce1e8f037507af5c2b47c04c8ce03cac1d8

SHA512
d3326870b14561736e553d92f7111f4a0f332a09c731c36c8c107c28833d64ff466320f6cd1d36f374d7f7870c1fa600b224f9b8ecdf0d96eed2f5f1f40bfc64

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8a0c6ebc549a65daf3da3a670dfabd93

SHA1
e5fc16e4d6d9fee228a6bd6ab41b7b85f5ed5ca3

SHA256
cf377e4d2f784000e4e18f80a4ba2750bed54a8960e33103feffadcd552f1587

SHA512
2cb68a5e9961fd528c845a0a4b858901a59a25e940799b0d09c2d7a8948e29e8707c15acf1e62255518ea1532de5b036cd48a4d7d02a8ae83a20423f782dbffe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
fe9adddbc0e42c1bc882dd5eb6b498bc

SHA1
fd969ca30e237dd4cf8a5d58773f8020684b3c21

SHA256
4ba86ca42a71b1f7d510b8bb94416864b66e965541ce5a7caac2a3553120f942

SHA512
0d152e43d3327c859abfe0d548d08878ae7d0a85f877075566d4d534fa9fb037fced86636d2da9ec4ae193168989997b61253ebf6c71044730b4a494b3197a4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c0884a00ea3ebad39150871050081b23

SHA1
427efe6d9563b165b7bd24672f0b10a97d5c3d38

SHA256
544d16e42040ca6013a500c1af88cdabd0e172241a9c7749b64fe240c2cd05fb

SHA512
fdf3fb7379731acccc8517740c71c685ef6891a5a41c24dc69f352711c2892f7deaee1054b5984e2690a0c112c6a7ddcde1e92abfd1d5513fa881c967d038219

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
1d1c7c7f0b54eb8ba4177f9e91af9dce

SHA1
2b0f0ceb9a374fec8258679c2a039fbce4aff396

SHA256
555c13933eae4e0b0e992713ed8118e2980442f89fbdfb06d3914b607edbbb18

SHA512
4c8930fe2c805c54c0076408aba3fbfb08c24566fba9f6a409b5b1308d39c7b26c96717d43223632f1f71d2e9e68a01b43a60031be8f1ca7a541fe0f56f4d9f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
23d6393f6e0880d982f828e4a67a26d9

SHA1
f0e23c23b0f8376db5fc40cab00e5dae8083a133

SHA256
fe513b8c96bf8dba6d212af25e71d9f5168c4501a3e3e573a7f837d33ddab24d

SHA512
c3d2b48ebb39156ecd01b35ec399581c5f38ba26aea3220dcb2cffb6e86fbc6c6891a7a961a77c9102f11e72bc1b100d9365317ee9de57e6ebfd25b1f44d5e6f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5a4cc9.TMP

Filesize
538B

MD5
c32e772a5c68ad7ecd31da57f61e2918

SHA1
348889316621037c2d724823326689ff17d59379

SHA256
1cc1ed3aeae0772a24b2d13a6384a24d708ea982f328e0982deae096613c558b

SHA512
fbb48604cfb59b2bab3c551ef1d9e4f7eaf9cadfeb083185cdd5b112d5a6397a66cb4407cdeed1c2f7e1be362423744737af1342d980e6729afffcbce3daa3cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
d77b3466bd1d37057f2e8db7af04a5b5

SHA1
a7ebdcb9a056c557093a0d3f73f2f7234ae5e1f6

SHA256
7ebe8fd2a6bb336447a55fe65d25cdb7b7560994b5eaf9fdcdbf6d1b3fe91bef

SHA512
ae624aa69be2cf715ee4ba2a314b8d46a939d2afbe3fb43e92b18503c65393d5cdd780f8bf0b53da7c7f45a0e1acc5527ba0c047035d31908edafe6f39881c64

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6AXLYU2E\suggestions[1].en-US

Filesize
17KB

MD5
5a34cb996293fde2cb7a4ac89587393a

SHA1
3c96c993500690d1a77873cd62bc639b3a10653f

SHA256
c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

SHA512
e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

Download Submit