hxxp://google[.]com

Analysis

max time kernel
300s
max time network
303s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
19/02/2024, 16:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://google.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-768304381-2824894965-3840216961-1000\{9563F085-2181-4889-980B-CFDFE9AE78CA}	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
4008	msedge.exe
4008	msedge.exe
3400	msedge.exe
3400	msedge.exe
4020	identity_helper.exe
4020	identity_helper.exe
5044	msedge.exe
5044	msedge.exe
5284	msedge.exe
5284	msedge.exe
5284	msedge.exe
5284	msedge.exe

Suspicious behavior: LoadsDriver 2 IoCs

pid	Process
660	Process not Found
660	Process not Found

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 51 IoCs

pid	Process
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	1612	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1612	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3400 wrote to memory of 2444	3400	msedge.exe	41
PID 3400 wrote to memory of 2444	3400	msedge.exe	41
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 924	3400	msedge.exe	87
PID 3400 wrote to memory of 4008	3400	msedge.exe	86
PID 3400 wrote to memory of 4008	3400	msedge.exe	86
PID 3400 wrote to memory of 1056	3400	msedge.exe	88
PID 3400 wrote to memory of 1056	3400	msedge.exe	88
PID 3400 wrote to memory of 1056	3400	msedge.exe	88
PID 3400 wrote to memory of 1056	3400	msedge.exe	88
PID 3400 wrote to memory of 1056	3400	msedge.exe	88
PID 3400 wrote to memory of 1056	3400	msedge.exe	88
PID 3400 wrote to memory of 1056	3400	msedge.exe	88
PID 3400 wrote to memory of 1056	3400	msedge.exe	88
PID 3400 wrote to memory of 1056	3400	msedge.exe	88
PID 3400 wrote to memory of 1056	3400	msedge.exe	88
PID 3400 wrote to memory of 1056	3400	msedge.exe	88
PID 3400 wrote to memory of 1056	3400	msedge.exe	88
PID 3400 wrote to memory of 1056	3400	msedge.exe	88
PID 3400 wrote to memory of 1056	3400	msedge.exe	88
PID 3400 wrote to memory of 1056	3400	msedge.exe	88
PID 3400 wrote to memory of 1056	3400	msedge.exe	88
PID 3400 wrote to memory of 1056	3400	msedge.exe	88
PID 3400 wrote to memory of 1056	3400	msedge.exe	88
PID 3400 wrote to memory of 1056	3400	msedge.exe	88
PID 3400 wrote to memory of 1056	3400	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffeeadb46f8,0x7ffeeadb4708,0x7ffeeadb4718
  2⤵
  PID:2444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
  2⤵
  PID:924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2976 /prefetch:8
  2⤵
  PID:1056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:4836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4860 /prefetch:1
  2⤵
  PID:2152
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5168 /prefetch:8
  2⤵
  PID:3092
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5168 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5284 /prefetch:1
  2⤵
  PID:728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1
  2⤵
  PID:3272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5780 /prefetch:1
  2⤵
  PID:4172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1
  2⤵
  PID:3716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1
  2⤵
  PID:3548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3576 /prefetch:1
  2⤵
  PID:2900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5312 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:5044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5552 /prefetch:8
  2⤵
  PID:2408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3568 /prefetch:1
  2⤵
  PID:4208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6116 /prefetch:1
  2⤵
  PID:1644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3480 /prefetch:1
  2⤵
  PID:5244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3612 /prefetch:1
  2⤵
  PID:5252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5824 /prefetch:1
  2⤵
  PID:5380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1
  2⤵
  PID:6080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6292 /prefetch:1
  2⤵
  PID:4476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6360 /prefetch:1
  2⤵
  PID:1960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6176 /prefetch:1
  2⤵
  PID:5640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6232 /prefetch:1
  2⤵
  PID:5956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6192 /prefetch:1
  2⤵
  PID:5424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5312 /prefetch:1
  2⤵
  PID:5344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6128 /prefetch:1
  2⤵
  PID:1536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6296 /prefetch:1
  2⤵
  PID:2804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6124 /prefetch:1
  2⤵
  PID:5476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1
  2⤵
  PID:5396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1800 /prefetch:1
  2⤵
  PID:5624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6020 /prefetch:1
  2⤵
  PID:6016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6652 /prefetch:1
  2⤵
  PID:3432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
  2⤵
  PID:1528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5460 /prefetch:1
  2⤵
  PID:5968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3492 /prefetch:1
  2⤵
  PID:5396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4732 /prefetch:1
  2⤵
  PID:5200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6428 /prefetch:1
  2⤵
  PID:1536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6220 /prefetch:1
  2⤵
  PID:2232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2040 /prefetch:1
  2⤵
  PID:5128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6588 /prefetch:1
  2⤵
  PID:6052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3676 /prefetch:1
  2⤵
  PID:5284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3472 /prefetch:1
  2⤵
  PID:5296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
  2⤵
  PID:5304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7048 /prefetch:1
  2⤵
  PID:5456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7016 /prefetch:1
  2⤵
  PID:4016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1
  2⤵
  PID:5820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2328 /prefetch:1
  2⤵
  PID:5428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7628 /prefetch:1
  2⤵
  PID:6060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8280 /prefetch:1
  2⤵
  PID:5412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8144 /prefetch:1
  2⤵
  PID:6104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7964 /prefetch:1
  2⤵
  PID:5808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2268 /prefetch:1
  2⤵
  PID:5748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1744 /prefetch:1
  2⤵
  PID:5192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8708 /prefetch:1
  2⤵
  PID:208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6568 /prefetch:1
  2⤵
  PID:5132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,76358384126870933,1206249422281289764,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5344 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5284

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3636

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3260

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2c8 0x150
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1612

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
5e77545b7e1c504b2f5ce7c5cc2ce1fe

SHA1
d81a6af13cf31fa410b85471e4509124ebeaff7e

SHA256
cbb617cd6cde793f367df016b200d35ce3c521ab901bbcb52928576bb180bc11

SHA512
cbc65c61334a8b18ece79acdb30a4af80aa9448c3edc3902b00eb48fd5038bf6013d1f3f6436c1bcb637e78c485ae8e352839ca3c9ddf7e45b3b82d23b0e6e37

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
194KB

MD5
ac84f1282f8542dee07f8a1af421f2a7

SHA1
261885284826281a99ff982428a765be30de9029

SHA256
193b8f571f3fd65b98dc39601431ff6e91ade5f90ee7790bfc1fba8f7580a4b0

SHA512
9f4f58ab43ddadad903cea3454d79b99a750f05e4d850de5f25371d5bec16fc312015a875b8f418154f1124c400ae1c82e2efd862870cd35c3f0961426c8cd82

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
64KB

MD5
d6b36c7d4b06f140f860ddc91a4c659c

SHA1
ccf16571637b8d3e4c9423688c5bd06167bfb9e9

SHA256
34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92

SHA512
2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
69KB

MD5
a127a49f49671771565e01d883a5e4fa

SHA1
09ec098e238b34c09406628c6bee1b81472fc003

SHA256
3f208f049ffaf4a7ed808bf0ff759ce7986c177f476b380d0076fd1f5482fca6

SHA512
61b54222e54e7ab8743a2d6ca3c36768a7b2cf22d5689a3309dee9974b1f804533720ea9de2d3beab44853d565a94f1bc0e60b9382997abcf03945219f98d734

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
30KB

MD5
8d3260c7158092028aae869c9721b9b8

SHA1
7327cf2f5e713754d618246fa79a514baa29c69b

SHA256
96d480600f4436e05af6336a79ccb7f831181590297848d715ef0f50a73fdc96

SHA512
01c6313a8462c5e850924d101abd02cbf1d62165e36f56549cd1e599e2bf6ff9951502f39c82629a7d1e44ac3cb998e7676ce6bb40d383b4567f30d9f0d9ba1a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
19KB

MD5
76a3f1e9a452564e0f8dce6c0ee111e8

SHA1
11c3d925cbc1a52d53584fd8606f8f713aa59114

SHA256
381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c

SHA512
a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
63KB

MD5
710d7637cc7e21b62fd3efe6aba1fd27

SHA1
8645d6b137064c7b38e10c736724e17787db6cf3

SHA256
c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b

SHA512
19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
88KB

MD5
b38fbbd0b5c8e8b4452b33d6f85df7dc

SHA1
386ba241790252df01a6a028b3238de2f995a559

SHA256
b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd

SHA512
546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
1.1MB

MD5
d307ce6ce114ea2d363c2e709df6f9c3

SHA1
e8173b7467489dbcc7fa23bd6dc2557a70624ac6

SHA256
ddc9046c4d6ff62e0859e12f84c4c2e7e154fbbb230dd415a788e132dba831df

SHA512
6e10b866683259c13aa5f956d50450866bf1e9f6401edbfaf9cc1388a1b6d83fb27f92fdfb3fd01de431dfd6c967f1e6c253f776ba2d3e87268fb88ac908be11

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

Filesize
26KB

MD5
48d399faaa696e710b9d841b934461e2

SHA1
8b867014ac0ae0a2b81a55f171deede8336a496f

SHA256
c905a4d23caf1f95d96c244084f15336fba5f65b74de870ec5c2be878410625d

SHA512
e5394eb68a809bfb251c26ee272f584bc786252667c4241f2f05e1f0f640cef65cd293f538d35d402633dd161bbbfa41898e6c4031848c9e68a03cfec36a5e70

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005e

Filesize
16KB

MD5
04bba95bc0a99cee69cf76804055f05c

SHA1
630d29c3fdfbd8b8a8a201a7e02b32ca31b6b438

SHA256
2819801c269f97def561b372bc25c10d8098f1e0cc07758e6f0e5b175e074e89

SHA512
c9b0be48c21f15065a5ebc433a0b4c2dd3ca8f2ed2c0724aad66958f99c81315f3feeeae427346e2a2035ee291299aea7aff2e7a006ffe51e2eb7cc38741921b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000063

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000068

Filesize
35KB

MD5
0be32c62087dc03e476125cf8635fbb1

SHA1
769eb911d83a719cf1552eed1feb6075bde6459f

SHA256
b78fc3e12862ef9226096e40ac2316c71fc5f78c74c2047f8a789bce05628cbd

SHA512
f8b2dc3a678b12eb9ac22af4967dbe2bf8c6175da357d922bc99641c682e453b4482eae6bba9e5b74929bea4ccc589506e290f15f59aff49b0c244e610bf72fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000088

Filesize
704KB

MD5
19cec43047746a5f02923c02806d5a0c

SHA1
d5d3b56be096564c54d92f2b12e7fe1c03c8c406

SHA256
c7d5d3752c8e0519cc0ffe43fa13f3bf73e2d1a21a52438c59e4c235d5aeb949

SHA512
ff77aa4e871f360927c27e737eae9ce6e2c0acf11c3c477ef368847ae4509c342f32172fb5e1f9e3fd2eb1a06080f6b6e007de94091318df2625d32a57dfd751

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000089

Filesize
896KB

MD5
5c509ef69e02aeed0ce6440240001664

SHA1
2c1cd0591cec4159c4a02051292c3ee3ae16996a

SHA256
376b6f576233988d4f1655420d73205f97d3e901d89b6a50b4cc881c2c2b5d79

SHA512
fbef305cbd39ef043560c93eb4f5c152e438c6591e2a17cc1e6cc788689cd4d4c8e4a49a4b7fbfb1ec7d87171188b2077b4821267e8d1203550e59a777fbedf9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008b

Filesize
1024KB

MD5
b48c4ae42b610bcde52d3c2435b03709

SHA1
c6ce86d84fc83e43c320bdebf32ce47335a8eee5

SHA256
1b63c03b6c7c056350d96dc0126d1349aa6246b827160d0b1fa782d30ad074ba

SHA512
bafdfcc64b605bb1ee2f3cd5f52e24512fb5d2f0a49a2f508febebfd8f465a929213cabf646d8b6066d750ca5052189630966852e27adddc6ad7b8aa0484986b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000092

Filesize
1024KB

MD5
87c37ad99bc6bd8d74bf5e45dbde6118

SHA1
df05800d230ed2da9a3f62181ce5bae71d08a6df

SHA256
e3ab422f1a2bc4192aae106ef0aa869469f273a648ca3f7d78dfb3a2c8519675

SHA512
6a8f8f3c9304c063a3b1671cc6546657373a2669682fbf6a4b3cec8c6ec999d7b893e07a359b4f4b2edac1fb0059b7281a7331a357174bb3d7858cb902e941fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000094

Filesize
591KB

MD5
0195fbf71921910882d8cc58f0f813d1

SHA1
133dbd55f8161980ffa1a755d203afe767b9da40

SHA256
6908ad482d8fd2648184c2cb1e61851276f6770796168763931e1510cd68309d

SHA512
1e852f588f15738f0ac3a0ad0a5f742fefae64e90b462b4c07f62e418e445e48ad2c127443d48d50220bf834dda34c8f2c2be64fcec0c1fe98617ac99da6a3dc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ad

Filesize
1024KB

MD5
7bb95acf8a371a1c8ecf62d109505a52

SHA1
7cf0dc8e7326f1f1468dd493d4907a0f4a9ca5c8

SHA256
fa8c37389c707b66329370966b0d724550c9e7e53d3623f9ab2b93960626511a

SHA512
984b13aed6fa978ee499c380e633f3bbd421d86eb567b12f77eb021b8b4fe23524ea2aa9c4ab7095d098dfff0b5daf9fb19b7a72587d8e71a5d08dfbdc0ff0e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
8KB

MD5
55bb68492b73e49ac0c019a21ba72411

SHA1
bc07e392b8d68101ea12cf9d2af8aab0887b9141

SHA256
09ccccc4b28c64ac887cc81567c9588184ac25da50a801e522c9cf30d69fb723

SHA512
1e3a08517a6fb527613d1697a04f9c7a6f692871d8d330a4ea9ba858262a21cb4c3fb0e5907c08299e0593001971e3bc9bf8b328815178c2d2328203b7c9a5bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_twitter.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
6KB

MD5
63c017d2e21ac826d23f4d71d05862b7

SHA1
72dc0cdbeefa7c7d6324cdfd115a9c303a150f54

SHA256
c29019b1dc36c820435eb62811843adb42647fea84c0b2bf1e18d66828ea6947

SHA512
1883b0c720ca90c37d85262cd983efb011fd86a17f5fa944b866993d03634ee1d7dd95d1a092cc6b8db294251f168fc00b31ef051e20d5294350b3e1a933fbe7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
a3d67792dd49c4085a4845b5deb5ed3a

SHA1
2be0afc943b2f0e7d8b23667f005fe18a8ed2026

SHA256
7486b9fc1f20aecaf3f617f2fffe0c60a9f3149275b387a7801884548406aae7

SHA512
9b82a589091c5c5ac3fdb2fc4855349f985b191b419bf4b7a857f3d86db60429018df9765c0defd2fcad3e409887892a946b7e83f3f2e3b0502637dff934a09a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
88c65888832f0cb53dbc63e2e755267f

SHA1
32e49943b90002daf94c1744202bab1494edefcd

SHA256
66fa82d5e5dfa596043e564b2df703960e09515bb02eb58b527f3cf3cd36d2d0

SHA512
cbbeaeee2d5c43b8ae521063ab791de2a793029959a31b4a0f2a2a9cdb8a56fbef2afb4be733ee5da092e5707ac5ff19897b689ef9a1ac526d68d1f19325b47f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
0674f7310a9daef7f83142a8de27a830

SHA1
8a01b4d9bc595b7d0faa90ec7dca19e8e7810189

SHA256
36b6439eaf40d61bb454eb491e010d9a989bbcf04df182216ada39d77aef80f1

SHA512
66fee671ed6dbc6eea1aac6f1aaf120b96a09bdbe79976e64510838712188d1c4032d03e89d1fab115692889980c9c7073b661539c14ad33eaf27f788e69359e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
3d00634d00b1f43c1d7ddf52b179414a

SHA1
ae09733cc70b72759f198ebce0f25aec9907290a

SHA256
a9d095f7239ea15676a3dcc792dbf8b3e2719bc6f3f2a4cb9a72e1ec586dcf1a

SHA512
5bd38c68e07e3b508ee7ee35fc5f1a56079f7135fa5088184e29cf48a84c2a8b2f1bfe5ecbee1cd8eb9397ab9d69cb305ca953ee2e7c662f28438575de94c847

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
10665fe557ff3a9b4dd20493cc62dcfd

SHA1
36d8aa225a0885c3ef5094f28f6caa0ea2071338

SHA256
21c8e95253f5c0b3e6fe504636134f956416e4f805935eb3aa5ab075e7e20058

SHA512
3bfd35340fde3c2e8d84d180d9109e0a147d937814f015238222f43de3088025c43e5a5b5767a0dc67f3827a68f8210ff818790014db87edf098cf2850e13006

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
acef083828c859bc3da57e515aacbe3d

SHA1
b6418cb40f5dc177d4b2e325e50536a7767e1937

SHA256
d42c0fa93f94258ae1ea7c0e14198771a6832a0be0982840d7e7965d911a1a5b

SHA512
0b08c1bdd95f18463f3dbe47d7ca3711782cb34f88cb60072fe4cb1cb293fc5b84ce3e2c71848dde583203676cdca0e9876ddca32c96048f5099142a299af784

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
b82d4166361731261864f4f2194cc2bc

SHA1
55c79e37cfc2635c7de074af2d9b3ab4e91acbac

SHA256
a1a7dc5bfe8ae0beb78ec20f27f925613ad6e5ae4791e6589b4144c37ef73864

SHA512
f3adc079e6365fe28ca09dca82d106527f93ab703febf56cce7e2a4d5d73140f48de99c02826196ddf82032264203fe742970b7bc94f9caac01ced76664c6a29

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
376b45693bc731501157b6e483af164c

SHA1
bc22f89c1c26adcd9eb48ccd6eecb476a23f36fd

SHA256
2eec91e1937d22e94a3ae427f68ef75223f3835a1c8ca37be603ad0d758e8245

SHA512
447eda1cea5af387bb5d20272d65d32cf3227b2a9a73172019311314935e1e23654292e7cf93ec7524959345950575e3cdfc096efc6339ca378e6b1e99bdf9ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
a7e827509a5b59e2753add79cbc5fe5d

SHA1
bd6528a09b885ccd269084f69370696c4479b4b2

SHA256
7eb87f1d2c5061606f46a778834007174b66d91a63d315fa7233b379efa961cb

SHA512
2940a67b7c49aec68d07370dcd940b462cbe1db61ea5934d061082a1e351dd8a8da8a6d7d372973db87a9ed1a750267d7986bd57eb69124b14da75fb86d76ac2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
765f3778892e062aede747c7a21f62cc

SHA1
72d89295cd16d3948aedcc97d0252c2816cad7f2

SHA256
9526827c790d24750678747a90d07cc85a2be7dd289d9883c07668439baeb5bd

SHA512
ddf041bcc3338179612b676e910bae6fcc7c5016d727a8132dbb1e9b91c4165a3fef98f59c0ef454809cdbac30c7d5637cfbc351d0629bce5043178bd3df61ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
6db2d2ceb22a030bd1caa72b32cfbf98

SHA1
fe50f35e60f88624a28b93b8a76be1377957618b

SHA256
7b22b0b16088ab7f7d6f938d7cfe9ae807856662ce3a63e7de6c8107186853e4

SHA512
d5a67a394003f559c98e1a1e9e31c2d473d04cc075b08bb0aab115ce42744da536895df2cec73fa54fc36f38d38e4906680cfacfbf4698ee925f1609fbb07912

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000001.dbtmp

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
144B

MD5
7e4f30ea9a3957bb2d3c0812693af319

SHA1
bae1f4cad71ee36f050f24771bec821a11e01105

SHA256
bef9c54c46ed6f50328cc6c56165bbd4fab650197ea05ffa77cabfed46049bea

SHA512
f9d6589f5d63d8f45a12b7976f2518de87666707287a9cd1cbc9ac28efcb740e39ebd5b1427dcd4849a51b5ebe0b6faee57cb91de48815096e3fda92f020de16

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
65b3c168e8f38839ad48f762c3bcee72

SHA1
4d1e31e1cb9920997485198f9cd0b6a3bbb974be

SHA256
918fbd1d61fd1db32662702595bdf683d00cc2a26695763bb10391e1d93de87d

SHA512
9440bb0d97b0731db564012fccf50ede58cdc570a1fe281076f58ddc2d8fb51950941bf7719c5d4d347e34f2398066b7e1a91547a22a05c9881513b8343a6b35

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe585aae.TMP

Filesize
48B

MD5
9c1d104af96b6a224ff57fca8eccad69

SHA1
a2482824c94866f6d33b0505e36c3818d61c5fe4

SHA256
bbb953269a5e316e9a4b3b77704d5cea90b6f0125bbb2f2510ca4c7476938ae4

SHA512
44f793c29af9345b84833ab39a2d2ea4316a7d080f386e7ddf8550d9a9bb09d7eac772da0afa121813807631e332c92e85e8dc44eaf5b4c4c21c881294dc0d28

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
92c41ecfdafb84a24e2700c8c771b652

SHA1
44b24c456e9388361ec907c85fbebc19cbc781d4

SHA256
99c45bfe1e05ceb552c31d13861688aa3a2839e0db645c88a4fc51861d048ef1

SHA512
4f175f38820e192c5273b1d33ea57cea09de8371bd53de69afc8b12d7a42359c0db1a9fe1127b31cb4177c795c30c42dad765a33f0dec8823a292c8e968641a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
ef3743d3639c7cf4f0973ed73348ae42

SHA1
273b04b7bd476a94b5ff09e51bd44548d97a47b0

SHA256
2c03f0fa9d358dd030f57bac77959824fa73446731ec3113493fb30796d40e30

SHA512
5269dfdb4ae6a25d6c22c55b0b825662295a736b73005572e862218234ff2bf08c239aba5087188e7c44a969181ca10f05948a09af8796e1b6555d788a936f96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
21af82a52859d026f00c7f6718880ffd

SHA1
7ce2400f5d84f5acced2927d8e46ac1976bcf803

SHA256
7ad80dc515d17a85b9a0074028351618f9307c4e75bec530f04897c55722420e

SHA512
ec9c1d53c1027be9501bed46977ed33ac4bd309cee2f7f4c7b89f615f30e504ffccdc189b12e565797b5b66b5d398b034b83754d17af720aae2922735d71e873

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
a9bdf114cd3f41f0e1063e270352c9e4

SHA1
60ad0cee09d0d73d0739c03a58eaa66a5571afa3

SHA256
e1f787e503c0fc9248a8c46409ea33e5c0fcb0990b5760f697230283563e2436

SHA512
21cfd660cc935bd647f09295b0de1724e0e663de2fda64f5d740667c3db90b836a510c3a0694cabcc1f41124e659785171f76e52d5096a27db8d480b3d8d701b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
e915db41f53a516c60f542870fa16bdc

SHA1
edd49a2b56ef1146c4efe3dd548b812e4e536b14

SHA256
b29912cb19872933d71727925b25b6550177fdda027108263915acd704985c0c

SHA512
a78775fda7aae3258063ef0e68f784b5522c07db055a273fbb4dca75b4146856cf4e88fa4312525644ec2491c46466372e4f9fb001f25672fbf6783e567cc62c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
5fbf116740ebb5bc0a4434402db0ab8d

SHA1
f7b745f3e0b85e67e2bf1cb50c60d0e4c3b393d0

SHA256
196ef21156c13375a832f7964ec9e6c2770f5fb3e40326e84defab3f0fd4f465

SHA512
a94bde3d3f1dae7c537ad4e820a31bdd1341430a153d972e4d65be4dbf17601fb79556fbd12fd8f11c5754b0fb9af0ed9de77fe15b8e272a9c6fadcdf4d1d35c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
9fb7f97f55dff8f1ca1a7c2ad2d8360d

SHA1
53a484ae441f50f725ab488d9e77bd5e4263692b

SHA256
075217948466c6af7eb7e50f65d3f246c0fafc0e6b51e3a3c31097457b2483f6

SHA512
685695de224f65fe11fb6c28a423d9e11e4a97b0eb6d9aaaf677aa9ed7c4c6012980a54156efee7eac77d6361bb570138f9085a29422109b6c39bfb17d3969e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
ba757656910decb9b7d66a9f556bbafa

SHA1
05eb415c028d95ac5803415bc5cd75dc532383fc

SHA256
033d727d7ae0573f9499315b31dea99f7283499147de4e84e88b60ffe752047d

SHA512
e4c08e1939de6686cd63f621c2090ef067cf7ddfdbaaaa3aaa803d21d60765f7b72cd7e4e3c3beae9a2ffb40cfafcdca9e7859202a966aac04e7f0610263547d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
eeb37c9d03587690fe4be921c860ce27

SHA1
3d97c0a8ddfb2865a233b886feb4517cf9ee2276

SHA256
c929344aad1e416b8d3833df44eedc3cdcee478839cd0d8c0ef203dca959e824

SHA512
3e2c605ea9928d2bf9409c8db41938d005afb99d0aa531003fa2ea7989e68d3d90573aaf09be8617e156d01ec87959373c25f5ff7e4e72eed3300ab107df11a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
8fe87d1e1232dfa92f6c2c579605efd2

SHA1
185ebb6c447a8fead34991c67b71ca9a0d21b16e

SHA256
18b9e1ae779f4c20b363f0f94452a7fdbf0f207cdd479a77d35ed07449716286

SHA512
80ea10c13421d8919915d23df2b7e731bb99ec5a91611b0bc5d48ac8f6cb8d9e5a006fa03601806ce3a9d0bdda38c650aefb3b354854c7bec4c6b839afc58868

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
e6be48c834ff86bb323c2648aa9f46fb

SHA1
edc0994a4b927589f5fbe8c520fa0eadebafc419

SHA256
5f5764f7dd5d6b49e8b707a5da330df165a874050e8e64587db9d5f3d42d765d

SHA512
d6a20ae71393bee24f538483c308cd39fc742191e8cf1e287c927ed6cb3c14a70a4997575c88d43b85237245c6e0b5ffa5996528bd3e83727e182f34c73b5164

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57bca9.TMP

Filesize
1KB

MD5
87d3e41d60477ee4d7873165d6d39643

SHA1
cbb652619b42043d414d596de1b2b75f6025d155

SHA256
88b02095eb7e18335acd4c3ce0ca7f673c3bcaf8377c49845be116301e7f8173

SHA512
3f68aa81821425deb4b35d1ca5902f6ca95dfcce2314f0c25b657f14d8a8c1d7f1e4726723f009546e73bd7dd7e32d596e0e4100b25467423032ca4bd579754e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
415c88905bd677e93ac375926628e209

SHA1
ce6f99379a238ea7de2177484af7beb229a6f863

SHA256
52423179e305cc083537525d74c3d4d18c48b4504535ef78a274b2f487ea81e8

SHA512
5a2dd4a35c4a821f27502cbeaed44d4d15cef55e317ea3d3b7fd295a89c8857f44eb4e91282614610a25dc0a2734821bda394e8ec4ed19264887db8f663b3211

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
5e7d6fac3e381816d3f44d19b071ea4a

SHA1
9cae037db74747e16f18210320e8eee4f3dd6254

SHA256
f241d2441379cc19758fb34f31c6e48e6df1d6436256fb95699fc6ae4e99cc7c

SHA512
28fbeaf6799397b68650373a8443004f6b05b4c7f59c2ec9e0af82b555ddd6312011587e803cf8b5cf847d12a6ae6758c2f842167086616edd744aaa10dfe72e

Download Submit