Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://exego.app/nl...

windows10-2004-x64

1

Analysis

  • max time kernel
    146s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/02/2024, 15:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://exego.app/nlwWO

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 12 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 22 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 34 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://exego.app/nlwWO
    1⤵
    • Enumerates system info in registry
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:428
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe8dad46f8,0x7ffe8dad4708,0x7ffe8dad4718
      2⤵
        PID:4448
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 /prefetch:3
        2⤵
        • Suspicious behavior: EnumeratesProcesses
        PID:5612
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2088 /prefetch:2
        2⤵
          PID:4460
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2860 /prefetch:8
          2⤵
            PID:3784
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
            2⤵
              PID:5080
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
              2⤵
                PID:2104
              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5740 /prefetch:8
                2⤵
                  PID:2024
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5740 /prefetch:8
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:4392
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5256 /prefetch:1
                  2⤵
                    PID:5408
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4204 /prefetch:1
                    2⤵
                      PID:5696
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5584 /prefetch:1
                      2⤵
                        PID:1832
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
                        2⤵
                          PID:5716
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
                          2⤵
                            PID:6120
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:1
                            2⤵
                              PID:3628
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6764 /prefetch:1
                              2⤵
                                PID:3712
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6948 /prefetch:1
                                2⤵
                                  PID:3320
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6780 /prefetch:1
                                  2⤵
                                    PID:2284
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6556 /prefetch:1
                                    2⤵
                                      PID:2720
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2236 /prefetch:1
                                      2⤵
                                        PID:5680
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6248 /prefetch:1
                                        2⤵
                                          PID:5148
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6244 /prefetch:1
                                          2⤵
                                            PID:5428
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5888 /prefetch:1
                                            2⤵
                                              PID:3860
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6996 /prefetch:1
                                              2⤵
                                                PID:5300
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7220 /prefetch:1
                                                2⤵
                                                  PID:2488
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5584 /prefetch:1
                                                  2⤵
                                                    PID:4132
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5024 /prefetch:1
                                                    2⤵
                                                      PID:220
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4688 /prefetch:2
                                                      2⤵
                                                      • Suspicious behavior: EnumeratesProcesses
                                                      PID:744
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6420 /prefetch:1
                                                      2⤵
                                                        PID:4332
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5380 /prefetch:8
                                                        2⤵
                                                          PID:2904
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5936 /prefetch:1
                                                          2⤵
                                                            PID:3740
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3988 /prefetch:8
                                                            2⤵
                                                            • Suspicious behavior: EnumeratesProcesses
                                                            PID:2168
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2080,14710263819382384534,17338212597385808730,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=7512 /prefetch:8
                                                            2⤵
                                                              PID:6072
                                                            • C:\Program Files\7-Zip\7zFM.exe
                                                              "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\Vape V4 & Lite.rar"
                                                              2⤵
                                                              • Suspicious use of AdjustPrivilegeToken
                                                              PID:5476
                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                            1⤵
                                                              PID:4892
                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                              1⤵
                                                                PID:760
                                                              • C:\Windows\system32\AUDIODG.EXE
                                                                C:\Windows\system32\AUDIODG.EXE 0x518 0x50c
                                                                1⤵
                                                                • Suspicious use of AdjustPrivilegeToken
                                                                PID:4004

                                                              Network

                                                              MITRE ATT&CK Enterprise v15

                                                              Replay Monitor

                                                              Loading Replay Monitor...

                                                              Downloads

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                Filesize

                                                                152B

                                                                MD5

                                                                1386433ecc349475d39fb1e4f9e149a0

                                                                SHA1

                                                                f04f71ac77cb30f1d04fd16d42852322a8b2680f

                                                                SHA256

                                                                a7c79320a37d3516823f533e0ca73ed54fc4cdade9999b9827d06ea9f8916bbc

                                                                SHA512

                                                                fcd5449c58ead25955d01739929c42ffc89b9007bc2c8779c05271f2d053be66e05414c410738c35572ef31811aff908e7fe3dd7a9cef33c27acb308a420280e

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
                                                                Filesize

                                                                28KB

                                                                MD5

                                                                3453dfe7567d7cedc3614d6ce75ca0f8

                                                                SHA1

                                                                1b8a9f33190643164b7c2bf4b70afa607df640d4

                                                                SHA256

                                                                1efe8f7bfbb4023818648ee7918fab631a80e6c85996c0a3e4288998836b8c98

                                                                SHA512

                                                                7b207ba43103fd9ad03ee032f3460a44a3b8fa7fb25ecb617a82d678faa28f1af316af57bb610d69ba17e650ff41192aa9b3ffcbe6492cdd605891f420923caf

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
                                                                Filesize

                                                                134KB

                                                                MD5

                                                                4787dd34ac59f7876fc7a3e8c4d3c01c

                                                                SHA1

                                                                0a2fa42f0b64a361f9404802fc4eea75da616df5

                                                                SHA256

                                                                cebb59025c724f97697d4cfabceb05bb69c991351ef578467104cf1cbb35beee

                                                                SHA512

                                                                fcfe75082898e159cbd1b0a2d449df81c577c04822ba598431c179d40fd9c87e9f01376691993b8c1860c189543c1a16cb8512d60d01270bb411eec229b5caed

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015
                                                                Filesize

                                                                61KB

                                                                MD5

                                                                a1eb05b2e53b4908558d8ff04593ba0d

                                                                SHA1

                                                                cf7fc2706462d69876d05b3a8485a5b5ff71bfdd

                                                                SHA256

                                                                d95fd728438d7db547d3f5aa714b2bc81add8cce4dd03b0ce479d2dcfc61bd52

                                                                SHA512

                                                                108ab871d7bb98b5feb0fcbf6705710b34976da63ffe1033c8b3fe9ef2723238d9686f3a1d49f64b6f11dacb69953effd81badcf4ff42d3506bf0e85fcbe9b1a

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029
                                                                Filesize

                                                                194KB

                                                                MD5

                                                                ac84f1282f8542dee07f8a1af421f2a7

                                                                SHA1

                                                                261885284826281a99ff982428a765be30de9029

                                                                SHA256

                                                                193b8f571f3fd65b98dc39601431ff6e91ade5f90ee7790bfc1fba8f7580a4b0

                                                                SHA512

                                                                9f4f58ab43ddadad903cea3454d79b99a750f05e4d850de5f25371d5bec16fc312015a875b8f418154f1124c400ae1c82e2efd862870cd35c3f0961426c8cd82

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                Filesize

                                                                2KB

                                                                MD5

                                                                a1e2298a7e20f427fd7bfe460c5412c3

                                                                SHA1

                                                                6de2a6c14da830ce8e92e4670f94f893ca97081a

                                                                SHA256

                                                                b41a6c613af923eecf357423ef6106d4aaaa8dfd4c223b1ccb6766cbe6e7e44f

                                                                SHA512

                                                                d6087092b32a1f35afc02a304902aefb66d1376e6770133bbfb1d2c8814e43bb4feb638b205c8ce255172154eeaa06fe1a4d01b0443c69267246108cfe88e286

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                Filesize

                                                                2KB

                                                                MD5

                                                                ccc576129006661dd28422fd3d2da69d

                                                                SHA1

                                                                6901a518e86cecf3102dd8751038775850b07313

                                                                SHA256

                                                                9d25bef7e92330acf8b4312315ed4feab3738d8d7a12256346bb6116af493839

                                                                SHA512

                                                                606acfe0a51d6a6cfe1b050db31e1c3203dd2f02ed1e0c7c21a6cb37bb9b14d377cf39f13b6154e6bc32a00e14f25a14adfb18fe5909fcb8e2d622308e751723

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                Filesize

                                                                2KB

                                                                MD5

                                                                91ba9e3a40636377ae9583b5a1db8330

                                                                SHA1

                                                                dcb0cf6106d7d1ca9e4a80009d6caf3931adc603

                                                                SHA256

                                                                1622a7767bb88be72a1b7db8f361a77f1de4fdcba380815f1eedca7024f384c8

                                                                SHA512

                                                                32312c71507987ac18b0d27b833acaada8c1c24b689345a27a7f28216a7911231ddbaa76dc4f2152b7114893959dc2c0a8f150efe784dabc0b32369e9be34006

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                Filesize

                                                                2KB

                                                                MD5

                                                                dc836bf600e39c0aca9b9cea396563b5

                                                                SHA1

                                                                fd2b7a8b3ff6f57a0834ca056252bc9020334bf9

                                                                SHA256

                                                                57e906bf82403e86847fbfddd690130bdb332fc190dbb0e0339ea2134e421157

                                                                SHA512

                                                                e856d31db14e9d5c317822df908b58aa756dba9eeaf64c03a49f8ff4e431f2e704fa21eb2d70cb024ce59ad75db7ec08e8409314a19c7bdd31af38570e434a8b

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\Origins\CURRENT
                                                                Filesize

                                                                16B

                                                                MD5

                                                                46295cac801e5d4857d09837238a6394

                                                                SHA1

                                                                44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                SHA256

                                                                0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                SHA512

                                                                8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\MANIFEST-000001
                                                                Filesize

                                                                23B

                                                                MD5

                                                                3fd11ff447c1ee23538dc4d9724427a3

                                                                SHA1

                                                                1335e6f71cc4e3cf7025233523b4760f8893e9c9

                                                                SHA256

                                                                720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

                                                                SHA512

                                                                10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                Filesize

                                                                7KB

                                                                MD5

                                                                3e2d20f1828cb91665a7fa67e7555a16

                                                                SHA1

                                                                778a80d7e5b5730037772fb020a027674f0ac870

                                                                SHA256

                                                                2c551190b2673099d1df4d56b106527dcb9599474b1f5c5d3dd2c5ea409563bc

                                                                SHA512

                                                                a2a312fcd1863185693606055faca756183fd0294ee6afb03c1c2836154f8052084992288af7326cc893801a8b8ac4aa941d0b3a17a9a3ed6195bc1833f783df

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                Filesize

                                                                7KB

                                                                MD5

                                                                455aa83cda0765342bbf1f3388dcd1e7

                                                                SHA1

                                                                6835de38c220678bae091e5d91b5ac3fb1b20c3d

                                                                SHA256

                                                                79284f054094736f49094e2e9183d58ca269d693c5551290b06771ca3d032c8c

                                                                SHA512

                                                                e98b2c033905b9b3a8e5eab70566324b6392ef0f7f49ee9a7c5de200d40fbccbedad46375329e4c6ce1abffe5cf16b943bcd89d9eb52cfcf6a4750a8518c8fca

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                Filesize

                                                                6KB

                                                                MD5

                                                                f3475747ef67ea2111109b2a6a0b8bdc

                                                                SHA1

                                                                203498a3826f21086cd8e5ff37c5a50202a649eb

                                                                SHA256

                                                                2b3099d706ae030dc2384f1143aaabb2ba95601fd8b455757f53f886cdad3b82

                                                                SHA512

                                                                5c52e118136795539dfd5153ea50bab601de5e02fc7783053cc93244611dd585bc600ca8b2c7ff825d6538c2ea640702c0963515838a883dac04242f09d3c0f6

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                Filesize

                                                                5KB

                                                                MD5

                                                                32ad67152e547464b8ffc5c207599aaa

                                                                SHA1

                                                                2736abb3dc8f7920642b86327c532846b26c4160

                                                                SHA256

                                                                5afc769cd093d288634d4b13c35b7b87cd1b168a020155bb47b58e20eddff252

                                                                SHA512

                                                                a836a064980b3290c6730d2f6c7ad2448fbd98034942d9424fb30d83bd66ee2dffe902ee8ca7e9a673e249a2a2a4a6768f8cf7a25c4d7b10d4c104491f4aa9d2

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                Filesize

                                                                9KB

                                                                MD5

                                                                566f4615c1eaf298c96237973169944b

                                                                SHA1

                                                                1fc95dd032ad6660d48408e0b8b66c272f83af77

                                                                SHA256

                                                                9d469ff8e56ba4601b1852eb39a5e90278de1c49807493443f7524f8b4911e91

                                                                SHA512

                                                                841052a7b9eee3db42d3229bea3236bb6c9b71380c8efc4aeed594879dcc7b48ebddfd4d8a69ceb8b11f47059fab0fbee23bd1c1cc6f82945ec17145e2dccf65

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                Filesize

                                                                10KB

                                                                MD5

                                                                e26a8293c5f4c3174356b48f20d5565e

                                                                SHA1

                                                                c3cc8e774554ea212c69c55e8f7b567fd2a1a18f

                                                                SHA256

                                                                da6e65edd00ea04810b5534d679c49e03c3511da8a90ef467b5c0043f7d6fdb8

                                                                SHA512

                                                                6184dbe30b226b9cef0ff66e28540be0922142a2d8f7599320142919517baf2951a058a05df980daa24399eafd54a68d93db8cb38ca3af2e997a92adaebc177e

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                Filesize

                                                                11KB

                                                                MD5

                                                                c235185342ebf82dcd497eca8bc210fc

                                                                SHA1

                                                                fc2b1927f506e83971e19d2fc6fd0c4700c966e5

                                                                SHA256

                                                                b4ca5203493d24e593cdaec569031d7425c50a487aeaedac8ac2f55c25e0d7bd

                                                                SHA512

                                                                dc843fec415adaa03fe57bb86baaf45b2119b5e536e81ed6ea41e4d4d1e3f58b684ca88565f6cda6c6b2a43f3d41b16d412f99baa7893fca2a42b2a7c7b43c44

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
                                                                Filesize

                                                                24KB

                                                                MD5

                                                                e664066e3aa135f185ed1c194b9fa1f8

                                                                SHA1

                                                                358ff3c6ad0580b8ae1e5ef2a89a4e597c2efdc5

                                                                SHA256

                                                                86e595be48dbc768a52d7ea62116036c024093e1302aced8c29dd6a2d9935617

                                                                SHA512

                                                                58710818b5f664006a5aa418da6c8cd3f709c2265bc161f81b9dfe6cdb8304fabaa4ce9deba419fe4281623feeeaa0321f481ae5855d347c6d8cf95968ee905e

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
                                                                Filesize

                                                                41B

                                                                MD5

                                                                5af87dfd673ba2115e2fcf5cfdb727ab

                                                                SHA1

                                                                d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                SHA256

                                                                f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                SHA512

                                                                de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
                                                                Filesize

                                                                72B

                                                                MD5

                                                                a2d900d3cbb24769408170e128de618c

                                                                SHA1

                                                                d71b8e69a3448f05ad49eb7f134c0b0bd2f0c603

                                                                SHA256

                                                                12864b84562f3ee80feeb842dfe4ff4987907a3ffa72788287f4f58bac522d6e

                                                                SHA512

                                                                1c1852c2441b4ce8a247b9b538c9bde23247550fa3bf17b2277b107b2775c6d990a3a505a12f8bbfb69512e645c96fb2ac7bc99da69c0187185bacc89adf8a1d

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe598ec9.TMP
                                                                Filesize

                                                                48B

                                                                MD5

                                                                352150a24d425a49801c4c352ee3d704

                                                                SHA1

                                                                5341c89486008398cef372ede8419f495fd1c0bd

                                                                SHA256

                                                                255e7cd928dcb1bb705d09e6edecb1e00c6ba30649a44f25fe0757b49c954d0f

                                                                SHA512

                                                                fd5909ce1f0d079274854dbb03e345fbd599a742feecf332757e3540591a85eba283b0045387487fd2396c2c9db6e17becd7181a8bd916a239c8b68e9db62523

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                Filesize

                                                                3KB

                                                                MD5

                                                                c3e5d1b35618e08404c88e778c91ae4e

                                                                SHA1

                                                                f88b1c6305de572b9dda58dfc92a7d13a6a1b4cf

                                                                SHA256

                                                                60fd6daff24b960cdd0a87470a89593e634ae77badca511a9632d6c6608797a2

                                                                SHA512

                                                                403656082da71023e209c1af8f83789e274a2f1289088cf3a9956fcd7a5bcf30a1598aad06e4a55262f8320df466bf2bd7b31bbf6e586d04d5bd962006152a6e

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                Filesize

                                                                2KB

                                                                MD5

                                                                c2e6b72e825295b002255e62dd6ec04c

                                                                SHA1

                                                                a1a58bbacf8516c9b026c283039e6d0636f8227a

                                                                SHA256

                                                                8e5a062ad6096a3d40635f86dc419f3a7273e4a7669770ac80712b16ea1a6a88

                                                                SHA512

                                                                7343f4bc961361a043cb18f0b32073b0befeb4b11a5d12401dd910b8da96a08cddedda672742337dc01945369c25f7048a8d380e777a7b4a745a940b265dc5fc

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                Filesize

                                                                1KB

                                                                MD5

                                                                36bbe640cf6f7f6f5e001b1b58af8206

                                                                SHA1

                                                                17ce4bc0be234686d9c141d96a32fd43524e6ca3

                                                                SHA256

                                                                bacfecb0d46399aba6a677d7025da5d0c617dce0106fb274f676a4da2a0a90d7

                                                                SHA512

                                                                c7a7ffa41ff50e74babdc922a5e38f3279003ca0d9ce246bddaf6dfab3481e92e5f57d603995127f6aead3a196d6b52fe2460a400caeba6c3f2002b69c24513c

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                Filesize

                                                                2KB

                                                                MD5

                                                                6d0f4ed25361e5f179b05ec895b053b5

                                                                SHA1

                                                                3e094089fbf99f889d6355c710f64589e17483ce

                                                                SHA256

                                                                d35999a4fcf6baf3b339e0f7d302479e69e89a668027eeff9f6bf2634200a5df

                                                                SHA512

                                                                dd1a9d7c7f4f2d6df1582386cecd83c73080c1306388ea24362cf57a7e82f9b686aab3381d5eb9054d73325cff39d70982b0104bae1547c4d94761b70378e99b

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57a79a.TMP
                                                                Filesize

                                                                1KB

                                                                MD5

                                                                f5bd504d037fb202acba91671ede8cf3

                                                                SHA1

                                                                7cd9431f3b20574937ceb22a551e7f1bc2b48ea7

                                                                SHA256

                                                                7d8b96429d18f6ae9032d377c6cefbc74337e861d3bb880e5f4752e637923dc9

                                                                SHA512

                                                                2b6ebdd944fe2250b65b52a1db454a3e69bde5191de00e2620f30b93722b75830a38c8d5095f5c20c70696aa5fc3e316bcb73479797e16cf22e7a422dc653b4d

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                Filesize

                                                                16B

                                                                MD5

                                                                6752a1d65b201c13b62ea44016eb221f

                                                                SHA1

                                                                58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                SHA256

                                                                0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                SHA512

                                                                9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                Filesize

                                                                10KB

                                                                MD5

                                                                414ce1ebed0284c0a1f65272f48c2ac1

                                                                SHA1

                                                                1bb91f9f398ee9a07d82ac6fadd0f76ededaad57

                                                                SHA256

                                                                6754be450888068e89b19826c68dfad9ce557292711342dc39e81aa8002c2002

                                                                SHA512

                                                                0b41729c770de2c19e35b1e325f9945481834cc2a062955a51311566ee681bbed748a6d3619a8d49747d6393b8de8865b121ff3b53fdc82e35caca7faec48275

                                                                Download Submit

                                                              • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
                                                                Filesize

                                                                10KB

                                                                MD5

                                                                58db30d05e1e5883c5a14da6cd6d3842

                                                                SHA1

                                                                2a849bf3abb8495c66fce3a1dfcbf3533f677339

                                                                SHA256

                                                                a77f244e36cd76b0f2eaee998c834e9dd08ddbac5501e636161b4cec5250d17d

                                                                SHA512

                                                                9a12f377421b26982efe081907d7304851d0ffa9d0dd0791bf8a8efe226b035838de4a85bc350699df15f25e80351bdc75f98a3da616e53e9bd67d3aa79b1099

                                                                Download Submit

                                                              • C:\Users\Admin\Downloads\Vape V4 & Lite.rar
                                                                Filesize

                                                                7.6MB

                                                                MD5

                                                                e0e316812ef29181424dd2a1736e4c1b

                                                                SHA1

                                                                7a821a56ff8925aa553a6a238aeee7bf145842ae

                                                                SHA256

                                                                cb07ea11ef0d2162b019880383e4c1fa2349f3ec594117da6f87f89514a78c85

                                                                SHA512

                                                                a687be81a726b80019df676ffe8447aee47cf32eab7e9e899894e6bb6cd7ad24c56b9bf97d15bebf0f91b62d9a27d0dd9c97f874c5202efe713284be8e8a009b

                                                                Download Submit

                                                              • C:\Users\Admin\Downloads\Vape V4 & Lite.rar
                                                                Filesize

                                                                7.9MB

                                                                MD5

                                                                4c63bb23af6e63239be6468d76255476

                                                                SHA1

                                                                2aeaf68e8efc1fc731d4fa9869cf4d35a58a5b5e

                                                                SHA256

                                                                491357892b7146602a9fd95774ce5510fcbae16e3bd17ba3252ab7518d66592b

                                                                SHA512

                                                                9514c434b7f8922baffc7fbff6b7635f318f7f564c46414eb9b80832a40fdc073617cfe023ac082d9e05fd3d052fb89117fd5f340f060eb0fbf101291e5a9b4c

                                                                Download Submit