hxxps://steamcommunijty[.]com/gift/6388299377

Analysis

max time kernel
126s
max time network
125s
platform
windows10-1703_x64
resource
win10-20240214-en
resource tags

arch:x64arch:x86image:win10-20240214-enlocale:en-usos:windows10-1703-x64system
submitted
20-02-2024 20:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://steamcommunijty.com/gift/6388299377

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 5 IoCs

Processes:

MicrosoftEdge.exeMicrosoftEdgeCP.exeMicrosoftEdgeCP.exeMicrosoftEdgeCP.exe

description	ioc	process
File opened for modification	C:\Windows\Debug\ESE.TXT	MicrosoftEdge.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdge.exe

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

Processes:

DiagnosticsHub.StandardCollector.Service.exe

description	ioc	process
Key opened	\Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0	DiagnosticsHub.StandardCollector.Service.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	DiagnosticsHub.StandardCollector.Service.exe

Modifies Internet Explorer settings 1 TTPs 2 IoCs

adware spyware

Modify Registry

T1112

Processes:

browser_broker.exeMicrosoftEdgeCP.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000\Software\Microsoft\Internet Explorer\Main	browser_broker.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000\Software\Microsoft\Internet Explorer\Main	MicrosoftEdgeCP.exe

Modifies registry class 64 IoCs

Processes:

MicrosoftEdge.exeMicrosoftEdgeCP.exeMicrosoftEdgeCP.exeMicrosoftEdgeCP.exeMicrosoftEdgeCP.exeMicrosoftEdgeCP.exeMicrosoftEdgeCP.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\IETld\LowMic	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\ACGStatus\DynamicCodePolicy = 00000000	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TabbedBrowsing\NewTabPage\ProcessingFlag = a0274fa33c64da01	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root\CTLs	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionLow = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating\Rating Prompt Shown = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\F12\LastSelectedPluginid = "9"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\ReadingStorePending = "0"	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionLow = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VersionLow = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\CIStatus	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\CRLs	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\steamcommunijty.com\NumberOf = "0"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-SubSysId = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VersionHigh = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\ACGStatus	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionHigh = "268435456"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion\FileNames\	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = a57f6aa43c64da01	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3\{AEBA21FA-782A-4A90-978D-B7216 = 1a3761592352350c7a5f20172f1e1a190e2b017313371312141a152a	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionLow = "395205405"	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 544dd1a33c64da01	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA\Certificates	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\CTLs	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VersionHigh = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Cookies	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8"	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\F12	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\DisallowDefaultBrowserPrompt = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\Main	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$http://www.typepad.com/	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\steamcommunijty.com\ = "0"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\Total	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DummyPath\dummySetting = "1"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating\NextPromptBuild = "15063"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\steamcommunijty.com\Numbe = "0"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionLow = "395205405"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\CIStatus\SignaturePolicy = 06000000	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating\Next Rating Prompt = 10ad31eabe68da01	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\F12\DebuggerFilePickerPinned = "true"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DummyPath	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2694788800-2737334826-1937309534-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU	MicrosoftEdgeCP.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

DiagnosticsHub.StandardCollector.Service.exe

pid process

1540 DiagnosticsHub.StandardCollector.Service.exe
1540 DiagnosticsHub.StandardCollector.Service.exe

pid	process
1540	DiagnosticsHub.StandardCollector.Service.exe
1540	DiagnosticsHub.StandardCollector.Service.exe

Suspicious behavior: MapViewOfSection 9 IoCs

Processes:

MicrosoftEdgeCP.exe

pid	process
1952	MicrosoftEdgeCP.exe
1952	MicrosoftEdgeCP.exe
1952	MicrosoftEdgeCP.exe
1952	MicrosoftEdgeCP.exe
1952	MicrosoftEdgeCP.exe
1952	MicrosoftEdgeCP.exe
1952	MicrosoftEdgeCP.exe
1952	MicrosoftEdgeCP.exe
1952	MicrosoftEdgeCP.exe

Suspicious use of AdjustPrivilegeToken 18 IoCs

Processes:

MicrosoftEdgeCP.exeMicrosoftEdgeCP.exeMicrosoftEdgeCP.exeDiagnosticsHub.StandardCollector.Service.exe

description	pid	process
Token: SeDebugPrivilege	5008	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	5008	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	5008	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	5008	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	2648	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	2648	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	2648	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	2648	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	2648	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	2648	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	2648	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	5056	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	5056	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	5056	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	2648	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	2648	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	2648	MicrosoftEdgeCP.exe
Token: SeSystemProfilePrivilege	1540	DiagnosticsHub.StandardCollector.Service.exe

Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

MicrosoftEdge.exeMicrosoftEdgeCP.exeMicrosoftEdgeCP.exe

pid process

872 MicrosoftEdge.exe
1952 MicrosoftEdgeCP.exe
5008 MicrosoftEdgeCP.exe
1952 MicrosoftEdgeCP.exe

pid	process
872	MicrosoftEdge.exe
1952	MicrosoftEdgeCP.exe
5008	MicrosoftEdgeCP.exe
1952	MicrosoftEdgeCP.exe

Suspicious use of WriteProcessMemory 63 IoCs

Processes:

MicrosoftEdgeCP.exe

description	pid	process	target process
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 4696	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1952 wrote to memory of 5056	1952	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe

C:\Windows\system32\LaunchWinApp.exe
"C:\Windows\system32\LaunchWinApp.exe" "https://steamcommunijty.com/gift/6388299377"
1⤵
PID:1816

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:872

C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
1⤵
- Modifies Internet Explorer settings
PID:3444

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious behavior: MapViewOfSection
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1952

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:5008

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:4696

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
PID:5056

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
PID:4756

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
PID:2648

C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
1⤵
- Checks processor information in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:1540

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
Filesize
4KB

MD5
1bfe591a4fe3d91b03cdf26eaacd8f89

SHA1
719c37c320f518ac168c86723724891950911cea

SHA256
9cf94355051bf0f4a45724ca20d1cc02f76371b963ab7d1e38bd8997737b13d8

SHA512
02f88da4b610678c31664609bcfa9d61db8d0b0617649981af948f670f41a6207b4ec19fecce7385a24e0c609cbbf3f2b79a8acaf09a03c2c432cc4dce75e9db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\36O6T7NK\edgecompatviewlist[1].xml
Filesize
74KB

MD5
d4fc49dc14f63895d997fa4940f24378

SHA1
3efb1437a7c5e46034147cbbc8db017c69d02c31

SHA256
853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1

SHA512
cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\IF16IU3X\CommonMerged[1]
Filesize
591KB

MD5
0a87936cf5a69c4acbf907836d8a39d3

SHA1
7e8aa29618d9f32ac4de08158b07553dd95e04ba

SHA256
da5df576197529c480646a41bf2749b8266fd09345438380168ce46b5c9edf76

SHA512
6b44d4eaa3fc4be2c17ef5288d93eb68ecdf996478c2635cc38380de3131f654211aa3bcde3d76250c81bbcb7daabe62f1cbf0f83a5ce11d3418995199af3b05

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\IF16IU3X\jquery.min[1].js
Filesize
86KB

MD5
220afd743d9e9643852e31a135a9f3ae

SHA1
88523924351bac0b5d560fe0c5781e2556e7693d

SHA256
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

SHA512
6e722fce1e8553be592b1a741972c7f5b7b0cdafce230e9d2d587d20283482881c96660682e4095a5f14df45a96ec193a9b222030c53b1b7bbe8312b2eae440d

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\IF16IU3X\loader[1]
Filesize
41KB

MD5
a38cb2d5a0c4f4233b535d38e2dd8967

SHA1
0875bbe8c942b21f5cd9363ea696fbe0d77fb25d

SHA256
87f6cb22072570b4dba3d808d6f8c9ce75ff7c49092259890865eb0459307990

SHA512
69547918b8f43488091791c745ca8542ad3ca8f4a557514624b569c664af7a3dd87c2f814044a79c75e1667f49ac9bc63e7a050a0694180fe3cf270543a67848

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K9982RNQ\controls[1]
Filesize
21KB

MD5
a4a318511d80be37665e73ec973b81e1

SHA1
920d4c59429eaed48793adf1b2a022f02845dfae

SHA256
487bd289a6ab1696dd8a4131e450cc750705ccca1a8c2ccd72877ccd1bb64ba2

SHA512
7ff0ec31a5286633b7c76dda03437c61f1f8ef792e46a600443c6c8ed2a717540ded82f3b4bd10d34a4f13a912e12afb07d221d4150e7ff4e761945e0ec95afa

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K9982RNQ\fa053f1026688db42bb507f691f0d991338c35d207dd[1].js
Filesize
102KB

MD5
c798a00f7dbc5d3f6ee6312acd0de71f

SHA1
b10cb8252917f78ff5c5241a5cfd4654bff08772

SHA256
d627d0202c593e635bc9a662fc641090d0c6402dce8a2468aa8a0cdcee7c8d3f

SHA512
d6ec377b81fcbb89a8ccfba71ff4b0c6409e909ef89c4e51592f7b8997103cc2c5e5dd1f4f6e8225d6a5a87b8322e1ef962129723a539ca1ee3aebe4ad90b1e8

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\THB3403S\04949b75724ed62efaceafe9dcace9b82321ab24b087[1].css
Filesize
5KB

MD5
8e61ebf5e7099224faae3ee61be0e439

SHA1
433ff93ebd0872fdb8750569824684eaee0dace1

SHA256
f653dbf761adb689f70bdfbc792ae65192e95b544d7e66dce483a4931b4c58e3

SHA512
f3a2c5b1471952950aebb30f6da4fdac54eafa8b5fdd66ca3d44171b0eec17a309460f15b22af8cec00da1703b89367db2348b12f0501c0f3ae3d3599040a741

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\THB3403S\0f03dc12f2480e229ed1609f01c540a671a04e049968[1].css
Filesize
10KB

MD5
2113b6560d12d0fbaafcb9b964364591

SHA1
781afbd9b39e0ccfd8f6a5d906a48639b62105e0

SHA256
02ed5fedd4d231fd7599d828707a1af9728f3dd33876047b5b045c1cec3f5d02

SHA512
78c3d3d5056ca06dfb66cfad0820de44b947859b4f886e21ecc6700ba31ee9b7f51faf45d100e6ae591147382cbf18c79c8b9d42ab2dcd93e4318227bd404a8e

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\THB3403S\3cdad215a43d21ea4fc87f4af5d02529b551fdd4cec8[1].css
Filesize
11KB

MD5
dacb80dabfaebd8b5c696ca29bddd59e

SHA1
d10bdeb6162bb0591b13799eac711d320958d1c5

SHA256
6a13129c52b4af929efe3e1fddeceb315a4f8038ad01c469f8d45d5c19483ac9

SHA512
dc812155362dd80a49c903dd65953594c0c75b665425616f203ff77e78499174eb400d9ebbec5b670a46b81c316f166eeed202e6b965f0f02587a49f2ada61f7

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\THB3403S\58f334a8a29f5ad81af0b81a8f3e765d20c98c4d09e9[1].css
Filesize
20KB

MD5
76b1bdbafa76a16eb077711e0852240f

SHA1
4eeaffc1d6645d958efdf93b127bd345134bdee0

SHA256
e72bfd5b2451298de330b65ffbf950c8f830c5d373435f26fce733e1264bef5d

SHA512
fa7e4606b736edfc15d42e00dc83e8e4ee20b8b79cd7c10b393d29ad220afb75fcad5b959b51fb37c74ee9970ebf80cd7a75d7e4e8be1bfa8ec3e79d2aca4cd1

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\THB3403S\82bcfc827562ecb3abc5f806658b862a4416b03adcf0[1].css
Filesize
19KB

MD5
2727c215f1b26015043511e9735a46f7

SHA1
7d1dc9acca9b896d0e880973e33e339188fab602

SHA256
dbdcded3c4261a3c9d79cb3cf9e641744ad1f2db504690f3a1a06f6b3893dda4

SHA512
dc048227b3c80caf9ba2193d2f58af19745e1c4efb893ed742a8b54c25509072186c9141aa963e0454bbb91dcb3945ff3862ac09cc12471d5e9a357246104708

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\THB3403S\9c0435910e043a2e10cb9b0061943b74e2d6494fa172[1].css
Filesize
75KB

MD5
d75bc33f0e1f113e13918a1574bed89e

SHA1
ce9524469a86d2cf429390d9a2b09151906f16f5

SHA256
c2815908a70bff8204d9c9dc034dd649f3f560a90112b11ddd5e0e53583bd39c

SHA512
151a8dfee28aaf232ed27150be0fd259b3c31f176187caf59ba231d067db9a6886bdf62e9bc73632cedd001847d7168fa2ad598e71b315385f547f899ec7361f

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\THB3403S\isDebugBuild[1]
Filesize
126B

MD5
db73f776d86f34f1b1a868fcd913ba0b

SHA1
e523e3ae23da5e659ad0cc60f65ef42765c5fce9

SHA256
f9d7461b859197d4bb01a9f6bda6b8644fe19da7098a2abbe4cabeb6068b05d3

SHA512
0d3f12acb10d570dfa0c026fdbeb8fc4fcafbd41d38667ea4dd911fb7be3e5b2f3c52e27057ed7fde7c5a41935ab19a9b29f32fd005a108bd95234370516e820

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\THB3403S\jquery-ui[1].js
Filesize
458KB

MD5
c811575fd210af968e09caa681917b9b

SHA1
0bf0ff43044448711b33453388c3a24d99e6cc9c

SHA256
d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e

SHA512
d2234d9e8dcc96bca55fafb83bb327f87c29ae8433fc296c48be3ef8c9a21a0a4305e14823e75416951eecd6221f56fbbb8c89d44b244a27be7b6bea310f2fd1

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\THB3403S\plugin.f12[1]
Filesize
161KB

MD5
6ffc76825ac5a364de7857cd9801a394

SHA1
7d2c4d675b7cc290d8fa5cd6203b445ddeb6f601

SHA256
247994a58c941356b9516722e0961eb54af73b28cc4bc8b66d0704014f3d466f

SHA512
fa6e8a64c2b4c1ceeb983944c9220fdb76aa6cc97e630677ce39cfc15ddf4b14db8e47c99b8694477b2f73b3c7698c57071c08262936091507783ad8af541847

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\Microsoft\F12\debugger\settings.json
Filesize
1KB

MD5
289b13884bf15a231c0f8ce848219ad4

SHA1
5076bb958052abc926a43608ba192a5f70eb8523

SHA256
fc91e9196ae6e6cba2ec135b9940d75188a81f78229b8a8ae04c707ed727b38e

SHA512
e47d8e998ead1c5a7e65e3abbe97cc6886f1e38443eafe3633f1bdfa4af5b11b3931b2bfb52308955f6e553b03e6e0c27c5fef4c205407db789805f3fa2f2fa7

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\Microsoft\F12\debugger\settings.json
Filesize
2KB

MD5
aec121bf92c79ff193504872821f5d3d

SHA1
a661ea3f994c02feba6b13f270e02040a75a9c53

SHA256
7b789fc740959f65fd3ccb151eafdfd888c684f2e9ce417304f4fb91a542842f

SHA512
955d575d50c97748b1cd800b620383b89480af89d42ae0310d4f38d6b160cc8beb4656638434928ceae7160cbb30fa9c652e880980fc3a8b53114b78d5b28ad8

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\Microsoft\F12\emulation\devices.json
Filesize
3B

MD5
ecaa88f7fa0bf610a5a26cf545dcd3aa

SHA1
57218c316b6921e2cd61027a2387edc31a2d9471

SHA256
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5

SHA512
37c783b80b1d458b89e712c2dfe2777050eff0aefc9f6d8beedee77807d9aeb2e27d14815cf4f0229b1d36c186bb5f2b5ef55e632b108cc41e9fb964c39b42a5

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\0D4KP4K2\favicon[1].ico
Filesize
37KB

MD5
231913fdebabcbe65f4b0052372bde56

SHA1
553909d080e4f210b64dc73292f3a111d5a0781f

SHA256
9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad

SHA512
7b11b709968c5a52b9b60189fb534f5df56912417243820e9d1c00c97f4bd6d0835f2cdf574d0c36ecb32dbbf5fc397324df54f7fdf9e1b062b5dbda2c02e919

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\EETZDIJM\suggestions[1].en-US
Filesize
17KB

MD5
5a34cb996293fde2cb7a4ac89587393a

SHA1
3c96c993500690d1a77873cd62bc639b3a10653f

SHA256
c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

SHA512
e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\ImageStore\bzr34hd\imagestore.dat
Filesize
46KB

MD5
f1b3fa8b4bfcd3233c063378f2e3f8bb

SHA1
8602b7dbcfe28e4b59bcbabaca576d2ae768cc32

SHA256
7638b0d2010ad92511bffec2cf0d3adb1ac5672feef5ad7362256f5944919ed1

SHA512
57c4c7fc4afefb40b1ca655a9a94c45c522bcd46e4a80163846f1be069eaa0b27dcf9e7a4d609ac037d75d68bc3a6a8b328b4b6a5905f91983db26e0a7e9b0e3

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\IF16IU3X\1661266219_32-kartinkin-net-p-zimnii-fon-v-stime-krasivo-34[1].jpg
Filesize
191KB

MD5
057e3e60368476e1d5db483c3b32f099

SHA1
036b5be2147cd16315c7eb9b6ad47aa676771a0e

SHA256
6a30196bdec7ce1a39dd394923e35bb0f4a0de30390851f8ec000928b1c344d8

SHA512
f72951b7fb79fdcba478464b1e2b9d88f89aa501fc17f957f50049b898e85d40181fa145a14dd3b8d4f5ab3103126ecf445f34196a35e4fbc20e70d1a723f227

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\IF16IU3X\about[1].js
Filesize
2KB

MD5
4fd1e1b49f3598980dc2b260b66a89c0

SHA1
818b65159e35ab980de9c00f24c0beeac7e3fdf8

SHA256
83d8195aec4990c3ec59de990b2f0e703ff31054acdd73b1637254a7716bd5f6

SHA512
bcad622e210374a8fde4d29565407ebd221390c467c560e04e74c31764533939a8c485994b7b8b27f647cad07ed59204b92c224fe97699b47cc0754526bf03fd

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\IF16IU3X\btn_header_installsteam_download[1].png
Filesize
291B

MD5
a2796187c58c7e948159e37d6990ecc2

SHA1
4209cd85add507247f9ce5a87a8c9095b54ee417

SHA256
23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082

SHA512
5ef103b8398507495c2708df8fcd82bdb763b1d580aaaa6cacfb805614764277c19e8ece5d890a8aafc004fc8c25e3ab2e67d6fbf373c432a9a0d7c36fa0890f

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\IF16IU3X\icon-macos[1].svg
Filesize
1KB

MD5
a12cffb3b582f0d0f6ea9c9c36b74a5e

SHA1
2555282495d3802eb37bfdbf8b1f97507e125642

SHA256
caabf4747b164eb5fa61a0d1461443961ff2ffae35eb60869f2e4f93d1530cf1

SHA512
14d2f2f8b3cfc0a3b0e3892010aa9cb06550455a3da20ef75a47beade2d39df4584759f81ac26ea26ca227767fc6e45b0838d927d77fc1dde40e68050e39bcd6

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\IF16IU3X\icon-steamos[1].svg
Filesize
1KB

MD5
8d0070a77d9f490286d136a40f15dad0

SHA1
aaa0e6834dfaa4624e04223a8926714cd83688ff

SHA256
d46c60d96efe34a372f59b9b4844f2ac5301e0fa1e0c460bc5e888134af9a57c

SHA512
48dbc6751648844aac5ef3fdee3f841ebab5aa61d55ebde70c9a68cd172fc9ec4cc55bb16398f9576b3720944169d59ddc47ad20faddc4275af74297a426ae15

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\IF16IU3X\store[1].css
Filesize
132KB

MD5
7f17027bfca35900417618d1cb3ad732

SHA1
a6d80baf8de7c08af2657db2f9be9252a6e90d40

SHA256
8ca6af0709045aa66f7c6ede7b7c65b533d31287b00c42521ee14f3f5fdda2c3

SHA512
becf2ef9dd9d539ae3fb474a12b3e90b60f7094747366d78fa41efaa63e0b86373a459e168336a3d3ade514b32ed724c4c130325c562d774ff1e8118f30fbc06

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\IF16IU3X\styles_about[1].css
Filesize
31KB

MD5
2ae63a61b205e2b91662db381b68e79f

SHA1
5c217e7480b9b3825f5367536ca949fb668e4c83

SHA256
c5262d351b071f637d56c9d81ad7b341c2c69bcf7716f88909d703203278a8e3

SHA512
57335cc958943efd8983b54741121b94f056f53c948f940b100108f2b64f2258e0e0dabde13dce87eccf040771b64e55e36085cd300da4475ed79a6b31b203e4

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K9982RNQ\MotivaSans-Black[1].ttf
Filesize
117KB

MD5
4f7c668ae0988bf759b831769bfd0335

SHA1
280a11e29d10bb78d6a5b4a1f512bf3c05836e34

SHA256
32d4c8dc451e11db315d047306feea0376fbdc3a77c0ab8f5a8ab154164734d1

SHA512
af959fe2a7d5f186bd79a6b1d02c69f058ecd52e60ebd0effa7f23b665a41500732ffa50a6e468a5253bb58644251586ae38ec53e21eab9140f1cf5fd291f6a5

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K9982RNQ\MotivaSans-BoldItalic[1].ttf
Filesize
131KB

MD5
e77ef961fe37dd8e6de30d4f7fa9a4de

SHA1
567327935ae2bb3de45e7f612f2d05273a999584

SHA256
6f93f21bc1ecc2d1c24fa2268aafad7f9e76836bb95aa76adda9307caad51c64

SHA512
2b432cf2d448026ff12634d605d9eb52ab6d285ea3cb437031b0427bb933b0aba40c416c0f102a39ec4a267ae2396b4da414048adc360780508281fc454462de

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K9982RNQ\MotivaSans-Bold[1].ttf
Filesize
120KB

MD5
6168553bef8c73ba623d6fe16b25e3e9

SHA1
4a31273b6f37f1f39b855edd0b764ec1b7b051e0

SHA256
d5692b785e18340807d75f1a969595bc8b1c408fb6fd63947775705e6d6baa66

SHA512
0246cee85a88068ca348694d38e63d46c753b03afadf8be76eca18d21e3de77b495215ed2384d62658a391104f9e00df8605edb77339366df332c75691928efb

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K9982RNQ\MotivaSans-LightItalic[1].ttf
Filesize
130KB

MD5
07247cbd12d4e4160efd413823d0def8

SHA1
517a80968aa295d0a700a338c22ba41e3a8b78a7

SHA256
41464efd9a32a5967b30addc21fe16cd0a35870fda56658b531a9a2434b4d829

SHA512
27e0e7505d41891e70bd06733f96e82e45061d621a1d20bbc524fc89c5406a799cf53d98c0fa256cb4ebfc19750c9a05531a8d273cebc260d48948edffdf6244

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K9982RNQ\MotivaSans-Light[1].ttf
Filesize
119KB

MD5
d45f521dba72b19a4096691a165b1990

SHA1
2a08728fbb9229acccbf907efdf4091f9b9a232f

SHA256
6b7a3177485c193a2e80be6269b6b12880e695a8b4349f49fccf87f9205badcc

SHA512
9262847972a50f0cf8fc4225c6e9a72dbf2c55ccbcc2a098b7f1a5bd9ea87502f3c495a0431373a3c20961439d2dae4af1b1da5b9fade670d7fcaed486831d8c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K9982RNQ\MotivaSans-Medium[1].ttf
Filesize
121KB

MD5
2d64caa5ecbf5e42cbb766ca4d85e90e

SHA1
147420abceb4a7fd7e486dddcfe68cda7ebb3a18

SHA256
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

SHA512
c96556ec57dac504919e806c7df536c4f86892b8525739289b2f2dbbf475de883a4824069dbdd4bb1770dd484f321563a00892e6c79d48818a4b95406bf1af96

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K9982RNQ\MotivaSans-RegularItalic[1].ttf
Filesize
132KB

MD5
7bc1837717cdc49c511ebdd0e75122a2

SHA1
d31e0df252328b946984c6bde94f7b2f7c72d964

SHA256
97c39175b9c8c46a5f2be987c00be2ef556421fcdada1ed3b327c50cc36cc78b

SHA512
53b31bdecde75e8f50f82db69728f6f831d6a3452062ac6e419f9369ffe88f0ea6ace3a501d89501ff86fe47e05900ed5b482221d215898e28a0a4bb1f1b6a85

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K9982RNQ\MotivaSans-Regular[1].ttf
Filesize
119KB

MD5
57613e143ff3dae10f282e84a066de28

SHA1
88756cc8c6db645b5f20aa17b14feefb4411c25f

SHA256
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

SHA512
94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K9982RNQ\MotivaSans-Thin[1].ttf
Filesize
115KB

MD5
ce6bda6643b662a41b9fb570bdf72f83

SHA1
87bcf1d2820b476aaeaea91dc7f6dbedd73c1cb8

SHA256
0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6

SHA512
8023da9f9619d34d4e5f7c819a96356485f73fddcb8adb452f3ceefa8c969c16ca78a8c8d02d8e7a213eb9c5bbe5c50745ba7602e0ee2fe36d2742fb3e979c86

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K9982RNQ\jquery-1.8.3.min[1].js
Filesize
91KB

MD5
e1288116312e4728f98923c79b034b67

SHA1
8b6babff47b8a9793f37036fd1b1a3ad41d38423

SHA256
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

SHA512
bf28a9a446e50639a9592d7651f89511fc4e583e213f20a0dff3a44e1a7d73ceefdb6597db121c7742bde92410a27d83d92e2e86466858a19803e72a168e5656

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K9982RNQ\motiva_sans[1].css
Filesize
2KB

MD5
d82d4e87d405553c8aa398e16659fbf8

SHA1
6d046f98095ef625e5c81545e4b4faeaf1f2a45d

SHA256
afb487cb0927509900a94f5fe65e9fa66c264a1524d21dd7afaa4c75386e2dd2

SHA512
761226a62727b51165125fc36d3fac567991192795bb53058a9e4c5b95a2ee001e8053977d8f71079027425b0c11d21a244cf685c7a05dfeb0ddc2e76023ee70

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K9982RNQ\shared_global[1].css
Filesize
84KB

MD5
eec4781215779cace6715b398d0e46c9

SHA1
b978d94a9efe76d90f17809ab648f378eb66197f

SHA256
64f61829703eca976c04cf194765a87c5a718e98597df2cb3eae9cf3150e572e

SHA512
c1f8164eb3a250a8edf8b7cb3b8c30396861eff95bcc4ed9a0c92a9dcde8fd7cd3a91b8f4fd8968c4fdafd18b51d20541bcc07a0643e55c8f6b12ceb67d7805d

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K9982RNQ\slick[1].css
Filesize
1KB

MD5
6525474c49d3dd63567ee19b0816f4e9

SHA1
ea407feb9c8611f08fa9d27c51fd0c222271ec44

SHA256
17cff7bc75a3cf19c7c3412c514b4c0bb651df34bd4ee6717c6bf1f920302506

SHA512
09f9f7c5ed1173c5c0a82f425547dbaadee79cff9beb8686ef9b30a182f0930d0ea9c2432fad320e13cbc9a8dbafad22ccd2460f9ef414c115e339669b0e7237

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K9982RNQ\tooltip[1].js
Filesize
15KB

MD5
72938851e7c2ef7b63299eba0c6752cb

SHA1
b75196bd3a6f9f4dfc1bbf5e43e96874bcd9ce4e

SHA256
e2d4e0e1d3e162fdc815f16dfff9ae9b0a967949f0f3ae371f947d730a3f0661

SHA512
2bb6c03a1335ef9514d0d172a4284d82a29d1783a72306bdcb8af3185d5cd2ff16303355aa4b05086d2fa0b5b7c7159cfa67de4a6175095ff0e68adec2a56ac1

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\THB3403S\6388299377[1].htm
Filesize
29KB

MD5
d62fa4bf6b547a1d877cf86baa5ded4d

SHA1
8f228aad6462d5d0e94ec2ed9fd900aae90907cc

SHA256
69d014630b8376a5e20d48cb8174a645241aba37d034bd1c00af619ba244acba

SHA512
49ca8d1bae76fd0be0231c34c02c58f6f93a261f38732513cecc8ff7d6392aebb39d0cf4f3f6fea8915ffeb04a85fe9688cbe5f7c0f4c1612b1825145a74f592

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\THB3403S\btn_arrow_down_padded[1].png
Filesize
161B

MD5
f2dae37acac6b9d5a91caf1885c2f7d0

SHA1
5f80fdde9f702a1d7589bc5faf88c14066e26c32

SHA256
93b1fbe4f6245b62bfd4c8c3347abe0fe67ed711315e59bfadaebc9873d8d9b5

SHA512
8d7ff7133ab97d81985c50fa8fd93916b42b1ce812af21bc732dcae45d59b9154fcc965857235d925c471db191dfb79c0753c70c7a4d5b0285b908e396216805

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\USC21PFI\_combined[1].js
Filesize
87KB

MD5
31ed48071ce4b62c24520c95bcde6026

SHA1
c073152e6835fba2ded4cc215f3985266be23f2b

SHA256
08b39451eabaca10cd735816cdc5af4a35b05fbb197e2082235b6e16be62dedb

SHA512
1cb651ec52d7eb67a961436a48340d0b783bc944cd54008d00e8b26d933d0668380126c6acae89ef10906fd96e8da9ed4ef773dfd9c761f608ff7ebda5554ae7

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\USC21PFI\buttons[1].css
Filesize
32KB

MD5
84524a43a1d5ec8293a89bb6999e2f70

SHA1
ea924893c61b252ce6cdb36cdefae34475d4078c

SHA256
8163d25cb71da281079b36fcde6d9f6846ff1e9d70112bbe328cae5ffb05f2bc

SHA512
2bf17794d327b4a9bdbae446dd086354b6b98ac044a8ee0b85bd72c3ab22d93b43f3542df03d64f997d1df6fc6cac5c5e258c4ec82b998f3a40b50c2fde99b5a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\USC21PFI\dynamicstore[1].js
Filesize
88KB

MD5
3b3c125f1d54256b3c01baaf4b2f1c6a

SHA1
3f03975a4fe8ce007ef16563abd59844c0ad063b

SHA256
8aa5bf10bbaba1883e6100861d0938de7c10c0d42fe66cd9a0b5493f8b9e7fa0

SHA512
69fff3acd988c1bd62603af4393c5bd40975757bfbbcc6a5780bec8740c6f15f1ee9a437001164fc131c1e55f622c62d0e8ae3eaebedfe3fa684135f46576a40

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\USC21PFI\header_logo[1].png
Filesize
10KB

MD5
a4e79c73ee13cb25b60fc4b0ba1f690c

SHA1
b690c31b2eb1b0eb085e91aaae7e79f03debe7c1

SHA256
6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8

SHA512
aad423119f410a655f0aa475d2fe692087d7262c3986ce71347981c5b60f6a10031d7050bf9b9aee4e7d84d814f0b8883c964028fcbe14ed3464602f3ba6cec3

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\USC21PFI\header_menu_hamburger[1].png
Filesize
3KB

MD5
eabc76eb57feae44add7faead028521e

SHA1
4e3e53938fad15661d2d046a868338841a95db19

SHA256
fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa

SHA512
5c6da6eeefddf321c2bc7e39a134e0a3140a9f93ad1560b2e102ef60ec218c29aae14ed344c79e25cc5493cd15551040d8c909de28dcab02034d787563104e07

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\USC21PFI\icon-chromeos[1].svg
Filesize
940B

MD5
8873de2841baa287bd50be1b9f183853

SHA1
058aa5901e9fc536a560df337439115e4071e0ec

SHA256
f15208efd7d316c067ed5f70c97f0a3159861e1ae47dfd96762cfca293b84aab

SHA512
63981c8607c3b9238f778127b4e660fc88377f45674d5c026b80e6fe3eecd2c6d3e2399fc53994a45bb8fba843742d9154b39ac98abdd8fce15873ef6b8e0c0f

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\USC21PFI\logo_steam[1].svg
Filesize
2KB

MD5
8351c9c5873c3975d9730ace755a5ec9

SHA1
66d9d4f9e3d73027ecf61972de43657ffbc831ea

SHA256
18e6ee2ed3ea311b09c504798ccbb37fb9386840a9fce138f0a03dfa3d5564df

SHA512
f339e73c884a6a4b95913c7bf37c8acb30fd9298d29f89eedb36fc50b6eed196a3c3ae37eb910d38b89b387e988a08568e6e2c150513f83087b2bd81a766f0ab

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\USC21PFI\logo_steam[2].svg
Filesize
3KB

MD5
b7a7e43284e2ffe806ac1bc27c1f6a87

SHA1
e8196489e2ae99ec6eb33995b5a3e108d6e44de0

SHA256
c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb

SHA512
757e4f382a864cac9f975220c28586f5ea415b2e2215375c1a47e011a9190fcd15313d399007539f150a6df0378b8f2022ac88e995693ab03a9f5656bfe40832

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\USC21PFI\logo_valve_footer[1].png
Filesize
1KB

MD5
574c350c7b23ae794d5276f8580e0838

SHA1
235c7b35c3468f8915eca01f7abdb43d34079609

SHA256
8b97ba0dac22fe6704c1f6d95fe79613f33017804f256abb9006df0442491787

SHA512
f1f2d7b6fa49e9241f2b88560127eb2871f66123c2f9de45b257750cf13e6ebb32a9d85d87aada6a99838a2f3c5412540065cbab398760a50f15aae3a759f9f7

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\USC21PFI\main[1].js
Filesize
86KB

MD5
c193a4879081808af1777d23a4fd6522

SHA1
a7c51a41f766663d22488db3b1db7f148a927cca

SHA256
8958e3ca5b7ac432f141d949267d8947b32d4afad535d2a89a231a159e65e19d

SHA512
9767246a5bc5d17479b41b465fa8b783e0d4a661bde4e2c76541f8cb49b748b10b87b01d19ed804b52136cbac85c728be39f97148f31cb9e820853d4b61f292b

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\USC21PFI\newstore2016[1].css
Filesize
4KB

MD5
cef7b240baddbbd25489ebd7ceee20a3

SHA1
ceaa1258aa0e92362c79216f474f57db00178a0e

SHA256
1055ab19fc7dd62ff9b62b078e97586b6485315bf0d4ca41ec1cd9684c9bdf33

SHA512
f5c69f6807fe5be6505d22187ddee1654f19906be1877fdc7587b7ebc49a49665aceec04f64fd2c4fd972b18fe450100e4887bffd2376f268201a6458c8f6e7e

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\USC21PFI\prototype-1.7[1].js
Filesize
165KB

MD5
6a39e0b509fecb928d47b8a2643fed2a

SHA1
f67fa6cb1d09963d10ba117d6553c8e7d5bc7863

SHA256
d8bdea7fff893dbdbeaf6c2affec091a77483b9ec10e7958486bc3b6cc170c96

SHA512
b9b8c6d9ac4928686c5ea254ac8f765c4f3690f79e5b1ccaaffc48d4bd47872b9cc5475c038f70d804740c81915fdfce315ebe553b628d12f7ca1cc4467075d0

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\USC21PFI\rellax.min[1].htm
Filesize
3KB

MD5
29b231b211d707a52646e585521dcc54

SHA1
adff2107efef3d36962f94b65082cbd0b60fbc44

SHA256
8fc4cecbd9539e272b4c1fb717fa7543d24dd8eb01c2f77d50f75cfbbfbc179b

SHA512
d6eb12ce308868f074024d3302345045396b087be61156352ddb024f53725f4853b20431052b551a9b753e8c369cb8835e3b2382e7cdacbdfe796ab19bb2b8a7

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\USC21PFI\shared_global[1].js
Filesize
152KB

MD5
b5b68d73ac4b8fd0498db8c581a258b5

SHA1
7d2b1ed16aa03e211821490bc13fe04382affb29

SHA256
d311cd1d0cb93a2b5b79542f81f205c8daf4fc8ac880c83048a0bbd43b3f4b87

SHA512
8288e8fc8ee0c24f286831e02d9180fb0321cc5c949ae41d395bfc3d86c4251ea866cc5d970f3148ce37e1a1eef036029e82cf3ae5b5519f86d79d57d506e14b

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\USC21PFI\shared_responsive[1].css
Filesize
18KB

MD5
086f049ba7be3b3ab7551f792e4cbce1

SHA1
292c885b0515d7f2f96615284a7c1a4b8a48294a

SHA256
b38fc1074ef68863c2841111b9e20d98ea0305c1e39308dc7ad3a6f3fd39117a

SHA512
645f23b5598d0c38286c2a68268cb0bc60db9f6de7620297f94ba14afe218d18359d124ebb1518d31cd8960baed7870af8fd6960902b1c9496d945247fbb2d78

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\USC21PFI\shared_responsive_adapter[1].js
Filesize
24KB

MD5
731415f5fe35edb73981f7f68a33c3ec

SHA1
21f594588dae56c93d34c91d4e6f0ef059339050

SHA256
fee9c5438f2b9c6cc0bceaba92e1e00c320981f0e51a0e5715d7059573b62f91

SHA512
9c0061f31062dacc9382c5809ef2dc0085db80fa1adec99ea9827b1666d3f2683f2751c32177b99c2e8c82475273ea040854b7f3943d33bfbe8de461115ff8ea

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\USC21PFI\slick[1].htm
Filesize
70KB

MD5
52f6d73507509be009949858d33e94a3

SHA1
5ab9922460aa84d77db15b693d8a184b5b008736

SHA256
6d593b2b5913eb962fb94ad4331a074bd8cb88fefc77bb7c9825528d59e1f8ff

SHA512
3736f1f1b76fccc2c7cfdb35d1ee9099506aa9de2dc8ac945680ecafd53b56f16acc7cb6ce349efe8f499051e62484a749045a58814b4d5e825b9df45be44bf0

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\USC21PFI\steamcards_cards_02[1].png
Filesize
486KB

MD5
e289838f7a141a36e9751fd49200cba6

SHA1
51773b7c2ee543281e49f3c9ee33a21586234b2f

SHA256
1b742f628cbe7bf577c82994d01f4a25312c3ba38e01232197f8b282fc48c833

SHA512
bbd532ec7190a24a46375b55d7eb48bb3524c4d8952a0217fd01e03a703f752e58fe4cc00ddc44a14659abbafc301ff601b882da6a1449d5c8ce997819aeb7a6

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
Filesize
1KB

MD5
40378bf42f4943e3fedcf10e4b05787d

SHA1
f216ed6fe77988f651961c1f3fa9945e680fd576

SHA256
85a929d73dd4ac431914e254bf4206b162031b250ee484c5e6f5c009349c9878

SHA512
61357da125c893481102e72f89b0cd558927448a8e0532355ba471e77be2376f3112145af50544bccb6fe18775b548219a73f124feb33960636c04e45c093a58

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_28DEA62A0AE77228DD387E155AD0BA27
Filesize
1KB

MD5
acdecd605e900167b162e83c8a84333c

SHA1
fba7f00efbc1292cb184fab2b3138a04e9a8e15a

SHA256
ed980bd923d4def316f2f6201f29df0684ff0ebcf5feacc331df741a855693b5

SHA512
be2030ff892dd418b6af56ade35e501dd2df28f59b42c48f16f079a94746ae03d6e181b20eb4fbb5726988cbef51f82bbd3eb788d89a8efff6e9703bc41e34df

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464
Filesize
724B

MD5
8202a1cd02e7d69597995cabbe881a12

SHA1
8858d9d934b7aa9330ee73de6c476acf19929ff6

SHA256
58f381c3a0a0ace6321da22e40bd44a597bd98b9c9390ab9258426b5cf75a7a5

SHA512
97ba9fceab995d4bef706f8deef99e06862999734ebe6a05832c710104479c6337cbf0a76e1c1e0f91566a61334dc100d837dfd049e20da765fe49def684f9c9

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
Filesize
471B

MD5
4ba6c0338c9be36eb1864cc0a825d49a

SHA1
f94fa8ade6d12beb8a6fc95d3e02e72e2ecd3c27

SHA256
7191dc8652d4551b47daaad13515712217487dd3741d6d6de339db6569aff121

SHA512
3c0201315db5dea3cd9a166847b031012defb7105725c8ab52fddbe01d9a2379530ac99dd18d4cc8f4d1ad599bad979b2d0d10807d20e6523c496448078b6e95

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
Filesize
410B

MD5
4bb9c513472a0ae4726eaa4c20e56c51

SHA1
527ee303a48e8ddd9e822aa0cf05c72382d604b9

SHA256
88939aef3ec9609cc331943ca06fc858b6bc4d49beb3cef379a60c92f0c711a8

SHA512
3d93a30c93f90918956c6d58b83204d93d5ab16e4ee616c7cdc8c1adee267f13bbb15b022e9c1a5ec879f716b0f99f0cf4d21c4b2b7a46e4209430b87393d195

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_28DEA62A0AE77228DD387E155AD0BA27
Filesize
408B

MD5
56266993f99bde5c79cd7b762edc32b8

SHA1
cd827bae05e693f90e7c20cd76ed3257178ba417

SHA256
71c5bce25a9bdb381eeb04b80ce54f3b7c0b588e5d55336a8974ef107849a3e6

SHA512
7ba69b414d325e5eecc0964778dc58939134b6ccd1a34b3fa4e59e12c38a36a4701438284226deec8ad23a1eb0b94ac044087c01e0dad1ef0306bd143626f4c5

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464
Filesize
392B

MD5
b652fcc912ab49c3ae88ae4cbf1e4cad

SHA1
d42e3384355fdbaf5066b352062b56617c3b7a2c

SHA256
913ff8d90a6d613c2dcd4919714e77681a63a653579019376c1e1fd5271bc18d

SHA512
f6556513d8fc2c84257d2cdf6ac74addb95599517ace3df247805f05d7dc02cfc6b97a2bdf3d9b6438b2a9c9e6f302a6a88e38e6f4a663d6e3ac42e1f6520801

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
Filesize
400B

MD5
bc56b60fb5be7a8b50dccb2baa333a09

SHA1
5bbd52bbe3e2854fe90f3a83dc27318ff34a495d

SHA256
7e090a351f5339dd2475c322696549e9b57e4eea85a36834f7f9a2fb4d950412

SHA512
68c1d0ed38b99af0f16a9c758166a3c1fb1a8c0470bb73f36c5c7795449d5c2b4cd706fe70c03df1c9359932a7da7a1a01bbc106120b2a74394a027cba503542

Download Submit
memory/872-35-0x000002560F5C0000-0x000002560F5C2000-memory.dmp

Filesize
8KB

Download
memory/872-16-0x000002560FC40000-0x000002560FC50000-memory.dmp

Filesize
64KB

Download
memory/872-325-0x0000025616400000-0x0000025616401000-memory.dmp

Filesize
4KB

Download
memory/872-326-0x0000025616410000-0x0000025616411000-memory.dmp

Filesize
4KB

Download
memory/872-0-0x000002560F420000-0x000002560F430000-memory.dmp

Filesize
64KB

Download
memory/4696-366-0x000002ACD66F0000-0x000002ACD66F2000-memory.dmp

Filesize
8KB

Download
memory/4696-267-0x000002ACD82A0000-0x000002ACD82A2000-memory.dmp

Filesize
8KB

Download
memory/4696-362-0x000002ACD66B0000-0x000002ACD66B2000-memory.dmp

Filesize
8KB

Download
memory/4696-368-0x000002ACD6710000-0x000002ACD6712000-memory.dmp

Filesize
8KB

Download
memory/4696-360-0x000002ACC3DF0000-0x000002ACC3DF2000-memory.dmp

Filesize
8KB

Download
memory/4696-352-0x000002ACD86B0000-0x000002ACD86B2000-memory.dmp

Filesize
8KB

Download
memory/4696-370-0x000002ACD6740000-0x000002ACD6742000-memory.dmp

Filesize
8KB

Download
memory/4696-372-0x000002ACD6750000-0x000002ACD6752000-memory.dmp

Filesize
8KB

Download
memory/4696-289-0x000002ACD86D0000-0x000002ACD86D2000-memory.dmp

Filesize
8KB

Download
memory/4696-284-0x000002ACD82F0000-0x000002ACD82F2000-memory.dmp

Filesize
8KB

Download
memory/4696-279-0x000002ACD82E0000-0x000002ACD82E2000-memory.dmp

Filesize
8KB

Download
memory/4696-275-0x000002ACD82C0000-0x000002ACD82C2000-memory.dmp

Filesize
8KB

Download
memory/4696-271-0x000002ACD82B0000-0x000002ACD82B2000-memory.dmp

Filesize
8KB

Download
memory/4696-364-0x000002ACD66D0000-0x000002ACD66D2000-memory.dmp

Filesize
8KB

Download
memory/4696-380-0x000002ACD7230000-0x000002ACD7232000-memory.dmp

Filesize
8KB

Download
memory/4696-378-0x000002ACD7220000-0x000002ACD7222000-memory.dmp

Filesize
8KB

Download
memory/4696-263-0x000002ACD8250000-0x000002ACD8252000-memory.dmp

Filesize
8KB

Download
memory/4696-258-0x000002ACD8230000-0x000002ACD8232000-memory.dmp

Filesize
8KB

Download
memory/4696-180-0x000002ACD5E10000-0x000002ACD5E30000-memory.dmp

Filesize
128KB

Download
memory/4696-168-0x000002ACD5CD0000-0x000002ACD5CF0000-memory.dmp

Filesize
128KB

Download
memory/4696-92-0x000002ACD4A80000-0x000002ACD4A82000-memory.dmp

Filesize
8KB

Download
memory/4696-95-0x000002ACD4AB0000-0x000002ACD4AB2000-memory.dmp

Filesize
8KB

Download
memory/4696-97-0x000002ACD4AD0000-0x000002ACD4AD2000-memory.dmp

Filesize
8KB

Download
memory/4696-376-0x000002ACD6DD0000-0x000002ACD6DD2000-memory.dmp

Filesize
8KB

Download
memory/4696-374-0x000002ACD6D50000-0x000002ACD6D52000-memory.dmp

Filesize
8KB

Download