5a263119d971a552d0ef9fa47f7f4f6a46e5402bc37df056cb4a8e195586ebdf

Resubmissions

24/02/2024, 11:02

240224-m49y8ahh22 1

24/02/2024, 10:56

240224-m1xvgsae4t 1

Analysis

max time kernel
146s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20240221-en
resource tags

arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
submitted
24/02/2024, 10:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

.html
Size

42KB
MD5

5f17f67efcf64b3843cc50cce259b3dd
SHA1

0c762500f57364ea2d5371bfdabe552a765e4e38
SHA256

5a263119d971a552d0ef9fa47f7f4f6a46e5402bc37df056cb4a8e195586ebdf
SHA512

4bfd48ffff0ae16660623e7f23578fe47c9f4b6b1ccb8ef813207581d59089b04f8a6f4f4fccab0f2bf4076e19da7b1a4b0968e88d52b739c270b3e3992a3134
SSDEEP

768:TdpqmL0Id3AAYEpk7IFvRP0Mad6CZ4VWwCW3KI8ivfJkPVoEAd2Z4VWwCW3KI8iO:Td8mL0Id3AAYEpk7IFvRP99CZ4VWwCWI

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
564	msedge.exe
564	msedge.exe
4692	msedge.exe
4692	msedge.exe
3188	identity_helper.exe
3188	identity_helper.exe
5052	msedge.exe
5052	msedge.exe
5052	msedge.exe
5052	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4692 wrote to memory of 3556	4692	msedge.exe	66
PID 4692 wrote to memory of 3556	4692	msedge.exe	66
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 4936	4692	msedge.exe	88
PID 4692 wrote to memory of 564	4692	msedge.exe	87
PID 4692 wrote to memory of 564	4692	msedge.exe	87
PID 4692 wrote to memory of 1716	4692	msedge.exe	89
PID 4692 wrote to memory of 1716	4692	msedge.exe	89
PID 4692 wrote to memory of 1716	4692	msedge.exe	89
PID 4692 wrote to memory of 1716	4692	msedge.exe	89
PID 4692 wrote to memory of 1716	4692	msedge.exe	89
PID 4692 wrote to memory of 1716	4692	msedge.exe	89
PID 4692 wrote to memory of 1716	4692	msedge.exe	89
PID 4692 wrote to memory of 1716	4692	msedge.exe	89
PID 4692 wrote to memory of 1716	4692	msedge.exe	89
PID 4692 wrote to memory of 1716	4692	msedge.exe	89
PID 4692 wrote to memory of 1716	4692	msedge.exe	89
PID 4692 wrote to memory of 1716	4692	msedge.exe	89
PID 4692 wrote to memory of 1716	4692	msedge.exe	89
PID 4692 wrote to memory of 1716	4692	msedge.exe	89
PID 4692 wrote to memory of 1716	4692	msedge.exe	89
PID 4692 wrote to memory of 1716	4692	msedge.exe	89
PID 4692 wrote to memory of 1716	4692	msedge.exe	89
PID 4692 wrote to memory of 1716	4692	msedge.exe	89
PID 4692 wrote to memory of 1716	4692	msedge.exe	89
PID 4692 wrote to memory of 1716	4692	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbe76a46f8,0x7ffbe76a4708,0x7ffbe76a4718
  2⤵
  PID:3556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,13667539931492826191,4086621052821368416,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,13667539931492826191,4086621052821368416,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2184 /prefetch:2
  2⤵
  PID:4936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,13667539931492826191,4086621052821368416,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2856 /prefetch:8
  2⤵
  PID:1716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,13667539931492826191,4086621052821368416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:4748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,13667539931492826191,4086621052821368416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:5060
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,13667539931492826191,4086621052821368416,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5172 /prefetch:8
  2⤵
  PID:2060
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,13667539931492826191,4086621052821368416,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5172 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,13667539931492826191,4086621052821368416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=180 /prefetch:1
  2⤵
  PID:4328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,13667539931492826191,4086621052821368416,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
  2⤵
  PID:4360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,13667539931492826191,4086621052821368416,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3468 /prefetch:1
  2⤵
  PID:4308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,13667539931492826191,4086621052821368416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:2312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2120,13667539931492826191,4086621052821368416,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5400 /prefetch:8
  2⤵
  PID:4720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,13667539931492826191,4086621052821368416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1812 /prefetch:1
  2⤵
  PID:4584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,13667539931492826191,4086621052821368416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5752 /prefetch:1
  2⤵
  PID:548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,13667539931492826191,4086621052821368416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3020 /prefetch:1
  2⤵
  PID:1164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,13667539931492826191,4086621052821368416,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1804 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5052

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3944

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3552

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
91746379e314b064719e43e3422d0388

SHA1
65f1a2b5a93922d589142a6edf99b5b35d986dba

SHA256
0b3cf8ae20afd84c9bf06546e876c84922cb5800526df72a628479f4d5487df7

SHA512
a783d8d9613cf92020fc36fd27d384dbd4e105a1ebd02c4507bf7263e61ff5b377e6d1734b066700782fa64bcbeb11af31ac3972d404625cbdb587cfa3bc0808

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ccf8b7b618672b2da2775b890d06c7af

SHA1
83717bc0ff28b8775a1360ef02882be22e4a5263

SHA256
ef08e2971a9ba903c9b91412275b39aabfd6d4aa5c46ade37d74ff86f0285420

SHA512
eb550889db8c4c0e7d79b2bd85c7d0e61b696df10ce3d76c48ab21b935c7ecc7b12403a00d6570e7d8e4121f72747242c2358f8f0823f804e704bd44ed603b97

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
36KB

MD5
47d88f0e30322831ac51429e321af624

SHA1
0a3a50ae8c9d61a6d96b872f91b4694187be0bcb

SHA256
ff066f3e1ab3028b7bf326825772da1a50d4c9bfe92ec0abcb52f17ed996482c

SHA512
416fa132223c396c6ec4ba581383ff0859ee02a7e73acca4836df0e8154600cc9cfa4249832d0370fc7c45232e0114994e7da36d094cd459a6f3c77be539cece

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
36KB

MD5
67219e97df6aa1e680a22bbc0f87ed77

SHA1
a48b36468d79fe96fa87368292aab75bedbf7902

SHA256
7e36e4fdd87addf966e462181698295dfeb24960e51345787525fb149001a1e1

SHA512
cece685c7ffb7560408a72b893207a01f3e323408ffcbead73772bd55988ac19632f54e03d5f6faeffc39431e9352ef4438268fe9edc1751e59502e50de38db8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
115KB

MD5
ce6bda6643b662a41b9fb570bdf72f83

SHA1
87bcf1d2820b476aaeaea91dc7f6dbedd73c1cb8

SHA256
0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6

SHA512
8023da9f9619d34d4e5f7c819a96356485f73fddcb8adb452f3ceefa8c969c16ca78a8c8d02d8e7a213eb9c5bbe5c50745ba7602e0ee2fe36d2742fb3e979c86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
121KB

MD5
2d64caa5ecbf5e42cbb766ca4d85e90e

SHA1
147420abceb4a7fd7e486dddcfe68cda7ebb3a18

SHA256
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

SHA512
c96556ec57dac504919e806c7df536c4f86892b8525739289b2f2dbbf475de883a4824069dbdd4bb1770dd484f321563a00892e6c79d48818a4b95406bf1af96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
119KB

MD5
57613e143ff3dae10f282e84a066de28

SHA1
88756cc8c6db645b5f20aa17b14feefb4411c25f

SHA256
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

SHA512
94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

Filesize
195KB

MD5
873734b55d4c7d35a177c8318b0caec7

SHA1
469b913b09ea5b55e60098c95120cc9b935ddb28

SHA256
4ee3aa3dc43cb3ef3f6bfb91ed8214659e9c2600a45bee9728ebbcb6f33b088d

SHA512
24f05ed981e994475879ca2221b6948418c4412063b9c07f46b8de581047ddd5d73401562fa9ee54d4ce5f97a6288c54eac5de0ca29b1bb5797bdac5a1b30308

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
495b46abc3ce99aacd54ab5c2e356b9d

SHA1
6cd1cf767127b3a4724f9657eda3aae1aa033596

SHA256
b5c78cdec2cf05aa3e1fb9aeeb7f76d88aaad319440737f0c08207fae6121b56

SHA512
e66c69719d52f60a458ba8bbd6245baddd5d276174d7936788b52b238d6c894ed6d7098c640514b4459e304737baec26593c7e8388110caf371ed58fddb0fa59

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1003B

MD5
fed24af901f453c305226b729c4b77a9

SHA1
083e8e517819e73a69fda07ecdc110b8155035ce

SHA256
40f09542670886992ba62656b208e75d505bc70c0166b1d74423d367dd26cf0d

SHA512
c0045339801ef71b8b3f7f20f5f8c2a5ce32faa040b9944dc389095a9d3301919cc3b5242e24add585f2d555b377d56100a221bc612b088f8488bd1c6781de14

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d8fd6b6eb928e72b3696d94510d923f4

SHA1
dacbf230d52f7e02183c3df6af3aa9929a28f9ff

SHA256
d493b35d7bb81563b8c4fb1193982b68b5419a87daf4cb074861808022dfa6f8

SHA512
8e53e0f08881b33fee27120d572f92ea4d965d09f8cb69b29b2c0795c3a820b5017cc0bb6da31070aba193e6c848c0ce97433455f5f3424abc7fe2152a4c04d8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a40c3292e02b3dca7e3f841f4abe2a10

SHA1
bc0f125fbc157c1926c2c3250c08ed19668f4e62

SHA256
d93ccfe69acbd735c7c03fc9614b00e45c186bf63021a0d0c02b2cac535d7a88

SHA512
cb655079355b6441141d52ecb3a02d99dc33a38efa0f9549e8c69966dfe97e2959a75311c0755962b19fde6e78af2e7c2ead290c54edb9ee8f4cdd780c2e8bde

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
4185da02e1fd94deb45889ac17d0d0f6

SHA1
da76f208b15e93cd502d7ce3acfc86e46e3f53e4

SHA256
1430351bf485a25f0b28cb523478337405822ee2a1ab66e55dc1325982e0a91d

SHA512
dbb84ebfb97ce3d516e92416d36782c9d883a98e14db65aff32b76c2a527df34bb64f095f50c200c6ac84ae9c2f560a549e882fb60c1952d3e1473757bc0956a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b73315a5d2d59636486a27804237982c

SHA1
72cb09af63337baa26cf9d2f04834e34fd8e0f7b

SHA256
b92494fdf3ab7e4b9dcea3c962888b8a284f359c22d59879a8c3c89cb519ffb0

SHA512
4878e97cf39f46c797a8bf0b28f590fd0236c59c99f363c1d05d79d9805586721c5ad69c7164ca22c5a2fa7d482925eed53b67366d84ed8efe734a18258249e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
372B

MD5
7e235531be180ec317f21e8216953638

SHA1
9eb0a53dbcdc10cfe82eabe57c2d1811b68dd57e

SHA256
64ccf89ea554e904a485916e75c1470d1402afa2b19a4d025fb3b634e540a2f6

SHA512
504458ccd079c791ee925fcdd3ca967aaf01678e391f7e2157d46b79c468b5d61d03c1a2053d2ec18208a3bdc27da5624b812a653fdebedfad2440f43ad24420

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe584699.TMP

Filesize
202B

MD5
ad668142c3c6e35e77c65d082699216f

SHA1
798d9241f01f0439599e2cbc95b50ec6fed7ff60

SHA256
24d73223fd103678864eb019b55fa2c723a53dd48ff96c2bfa2ae9257dfba8c8

SHA512
6539652b41ebc5e741461f18d1fec72004256fbdb55b3ca4403099aa965e3e27f9910cf5205da71dccc24042693a4e7925b6bfd19d20869bf850d0ed1c657da5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
5188dd077d4ec2a2d852c821a22bb2f0

SHA1
36adffcf339c620a14b04bbad172e28686d9ac43

SHA256
b9b966ab29f23dc8513cf47e63138b6eba0291eb790c82666bd94f34c36e4a39

SHA512
fc22d7b8012d8ee29d2e446f36684c0cdba2d229df3bcd15f4ce7f178aada3616dcfb960f5bd5bc6b8da17de4e433df03890131f891a06ca453ca9d17f437566

Download Submit