5a263119d971a552d0ef9fa47f7f4f6a46e5402bc37df056cb4a8e195586ebdf

Resubmissions

24/02/2024, 11:02

240224-m49y8ahh22 1

24/02/2024, 10:56

240224-m1xvgsae4t 1

Analysis

max time kernel
148s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20240221-en
resource tags

arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
submitted
24/02/2024, 11:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

.html
Size

42KB
MD5

5f17f67efcf64b3843cc50cce259b3dd
SHA1

0c762500f57364ea2d5371bfdabe552a765e4e38
SHA256

5a263119d971a552d0ef9fa47f7f4f6a46e5402bc37df056cb4a8e195586ebdf
SHA512

4bfd48ffff0ae16660623e7f23578fe47c9f4b6b1ccb8ef813207581d59089b04f8a6f4f4fccab0f2bf4076e19da7b1a4b0968e88d52b739c270b3e3992a3134
SSDEEP

768:TdpqmL0Id3AAYEpk7IFvRP0Mad6CZ4VWwCW3KI8ivfJkPVoEAd2Z4VWwCW3KI8iO:Td8mL0Id3AAYEpk7IFvRP99CZ4VWwCWI

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4468	msedge.exe
4468	msedge.exe
4932	msedge.exe
4932	msedge.exe
216	identity_helper.exe
216	identity_helper.exe
2628	msedge.exe
2628	msedge.exe
2628	msedge.exe
2628	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs

pid	Process
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe
4932	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4932 wrote to memory of 1688	4932	msedge.exe	89
PID 4932 wrote to memory of 1688	4932	msedge.exe	89
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 2552	4932	msedge.exe	91
PID 4932 wrote to memory of 4468	4932	msedge.exe	90
PID 4932 wrote to memory of 4468	4932	msedge.exe	90
PID 4932 wrote to memory of 852	4932	msedge.exe	92
PID 4932 wrote to memory of 852	4932	msedge.exe	92
PID 4932 wrote to memory of 852	4932	msedge.exe	92
PID 4932 wrote to memory of 852	4932	msedge.exe	92
PID 4932 wrote to memory of 852	4932	msedge.exe	92
PID 4932 wrote to memory of 852	4932	msedge.exe	92
PID 4932 wrote to memory of 852	4932	msedge.exe	92
PID 4932 wrote to memory of 852	4932	msedge.exe	92
PID 4932 wrote to memory of 852	4932	msedge.exe	92
PID 4932 wrote to memory of 852	4932	msedge.exe	92
PID 4932 wrote to memory of 852	4932	msedge.exe	92
PID 4932 wrote to memory of 852	4932	msedge.exe	92
PID 4932 wrote to memory of 852	4932	msedge.exe	92
PID 4932 wrote to memory of 852	4932	msedge.exe	92
PID 4932 wrote to memory of 852	4932	msedge.exe	92
PID 4932 wrote to memory of 852	4932	msedge.exe	92
PID 4932 wrote to memory of 852	4932	msedge.exe	92
PID 4932 wrote to memory of 852	4932	msedge.exe	92
PID 4932 wrote to memory of 852	4932	msedge.exe	92
PID 4932 wrote to memory of 852	4932	msedge.exe	92

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffeb56246f8,0x7ffeb5624708,0x7ffeb5624718
  2⤵
  PID:1688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1792,16909070917204379027,17204374619067425361,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1792,16909070917204379027,17204374619067425361,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2
  2⤵
  PID:2552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1792,16909070917204379027,17204374619067425361,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2776 /prefetch:8
  2⤵
  PID:852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1792,16909070917204379027,17204374619067425361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:4336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1792,16909070917204379027,17204374619067425361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:2500
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1792,16909070917204379027,17204374619067425361,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5492 /prefetch:8
  2⤵
  PID:1228
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1792,16909070917204379027,17204374619067425361,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5492 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1792,16909070917204379027,17204374619067425361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4776 /prefetch:1
  2⤵
  PID:2956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1792,16909070917204379027,17204374619067425361,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4844 /prefetch:1
  2⤵
  PID:2160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1792,16909070917204379027,17204374619067425361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4720 /prefetch:1
  2⤵
  PID:1164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1792,16909070917204379027,17204374619067425361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3488 /prefetch:1
  2⤵
  PID:4752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1792,16909070917204379027,17204374619067425361,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:1
  2⤵
  PID:1712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1792,16909070917204379027,17204374619067425361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4748 /prefetch:1
  2⤵
  PID:4348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1792,16909070917204379027,17204374619067425361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4640 /prefetch:1
  2⤵
  PID:3680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1792,16909070917204379027,17204374619067425361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1688 /prefetch:1
  2⤵
  PID:4284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1792,16909070917204379027,17204374619067425361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
  2⤵
  PID:1828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1792,16909070917204379027,17204374619067425361,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4860 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1792,16909070917204379027,17204374619067425361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4980 /prefetch:1
  2⤵
  PID:2860

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4584

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1828

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f4db60c9bb06ea5452df26771fa873ac

SHA1
c118183a1315a285606f81da05fc19367a2cdfe1

SHA256
f168242e74bfde18bacb9e18945a39bb447188eba916c7adf0f342ed8d82281e

SHA512
180ed98f9d5a14a22687a099c4a0ba6b586610f7b8b4c8de89f3b91713b07a2ef3726fcd318cb4e270b1745213b898037d29cca4b490d0c91833b797d69ac406

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f5b0bf4edca2187f7715ddd49777a1b2

SHA1
eb78099013d0894a11c48d496f48973585f0c7c0

SHA256
562016f9159ef363fcbe62ed13ee26052b31d4f67dc5ea6d60864a7d5dfa50a1

SHA512
1039b98cffd32ca4c9e37486b96e01b167d76b19dd8440a21da4932d677c463f4c5ce2260239e8337f59bd61ff3111905e23ab71d3ca5b20e7d2935fea7952c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

Filesize
17KB

MD5
23a68b664b6f70f059d1103dcc7880c5

SHA1
1480a5dee54eac0c2c1fa0b6f12047fa1f3697cb

SHA256
d0ff01c8b74d5e42a38b9a6c1a811699b5d25bfa8852497cfac8d434fb6bd197

SHA512
c926aeacdd20e5882cb88ed1e568a71d5a34d6089cc43a874c2f660d728d5f4bc9771704ebf7a55df0bcb328c4b46bdbb66f43f954c7621fd1b9d667193ed976

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

Filesize
31KB

MD5
5df0c7fa358f0ba39833004f96ab15d9

SHA1
12c825708468f840b1a8bda78ffd15ae80740aae

SHA256
95fbd430c14364d6238ea6788cd0439d19a84f9350a6de01f89cff50a831b2c4

SHA512
c8cc0526775879e4672c2503dc74f10bddd6682b8083cc88137a61d0854ef705c8522f4107dc88ddfb4309be9aa8a043b88d8e803fe75351b799c8e6bc5222e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

Filesize
46KB

MD5
2c7ad47be536bc8a22fdc6dee79aabb2

SHA1
f0c9f8148c81b423081f0a89f23dcf3e2492e786

SHA256
95f1cd88a10d9264caa494be7efd9939b12097006f1df2cf64c49c3af1ccfcdc

SHA512
b18ba75c05334e4756583346cbef1975aed65045d7e6b170fdfe2a8dc5f49ae19297c8311959544b08dcec00b385761ef31418affd747b2b9f2de696cbae19a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

Filesize
40KB

MD5
10e6ebfaaab9a6eaef1ecacb5a914ca8

SHA1
2ac7e507bd282c04a458013d2052128f7b2c95bc

SHA256
320b50e845b749ca84d5897c0bcf5de7d401d3a4bc93ea44eaab32957705b8ce

SHA512
da1db32ad1571ecd339e5b3dc3ec398237f91fe07d8c62da055f3a2be6a4bbb7cf5c58a62350df6bd3534bdf5855b4c1e79ef1a6170a59fef17e90481f86f54c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

Filesize
58KB

MD5
27053439cf10d54aaaa59c9eecb0aed4

SHA1
7d0f3ff0ca46851c1d003f04071e5a2a968fe69b

SHA256
7c5fa1d2c2f8e00c3c0e915dd707dc49b9d006ceebb1b56990761c03e61dcaca

SHA512
715e934a5a9e9502c5949ca387f819c2fa826cc51182fb819dc3e17cfae5a2ca5b6b338ed55ee1a3745025142c19a35eccafde6d661f467c11c5a7644f23081d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

Filesize
16KB

MD5
6a7bd71c74db58de3d9e179b49265b6b

SHA1
9c80d1dc6a6c6e382e1d431a2d25f350c077dc52

SHA256
6a3c64f35877b4240edbb74b72c7635be71d2d39ede6c1e04bc82a9fb8f5b414

SHA512
13179eab330bdba970b424fe2cd944d2ea0ec8068c3e049add792a0a99ff5ce69fce49ca87a970eaa808941cbde5b7a4855a1a4cd07e9d31108711e0e60b60b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005a

Filesize
36KB

MD5
47d88f0e30322831ac51429e321af624

SHA1
0a3a50ae8c9d61a6d96b872f91b4694187be0bcb

SHA256
ff066f3e1ab3028b7bf326825772da1a50d4c9bfe92ec0abcb52f17ed996482c

SHA512
416fa132223c396c6ec4ba581383ff0859ee02a7e73acca4836df0e8154600cc9cfa4249832d0370fc7c45232e0114994e7da36d094cd459a6f3c77be539cece

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005f

Filesize
115KB

MD5
ce6bda6643b662a41b9fb570bdf72f83

SHA1
87bcf1d2820b476aaeaea91dc7f6dbedd73c1cb8

SHA256
0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6

SHA512
8023da9f9619d34d4e5f7c819a96356485f73fddcb8adb452f3ceefa8c969c16ca78a8c8d02d8e7a213eb9c5bbe5c50745ba7602e0ee2fe36d2742fb3e979c86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000060

Filesize
119KB

MD5
57613e143ff3dae10f282e84a066de28

SHA1
88756cc8c6db645b5f20aa17b14feefb4411c25f

SHA256
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

SHA512
94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000061

Filesize
121KB

MD5
2d64caa5ecbf5e42cbb766ca4d85e90e

SHA1
147420abceb4a7fd7e486dddcfe68cda7ebb3a18

SHA256
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

SHA512
c96556ec57dac504919e806c7df536c4f86892b8525739289b2f2dbbf475de883a4824069dbdd4bb1770dd484f321563a00892e6c79d48818a4b95406bf1af96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
3d3b7aa79f9f7553a6c596d59bcb4fc2

SHA1
cd68e5826ba8f7cf01d0f49a32b4ebd05eaf3317

SHA256
04c3c600c673aeb90bb3bce4afb2f6606579b10443ef536fa64527b26c09b142

SHA512
5ca35c8b0e0119396cc3fd00b53f6eec24626a35dee04acde32f6541b18e869775369356e02df9748d7bc6af1c7caf8bb25a7c8e60c797ea0b768aaa976555f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
d7025a8dd03aee56a74018efbe2e8328

SHA1
506827cea3ec661eaabea9d87187d2f2842cdf2e

SHA256
2d72409745a9d508e2cb7208147b451a9a242dad57b033e6dcfba413ff348b11

SHA512
e7fc7d69689f113678ae4c273651e968dc8f8d0643a9439ab6de560fc419a1bda8a55ef6b74aae0e592190227bf8a07029d2aa005d061e34a69ada8dc137ea3f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
711B

MD5
625448600dcbe0d9a65cbef46b16ea2b

SHA1
34d1d8ed15b1744be7d3165eec1be8d5d4243d20

SHA256
71c2789d5622d6cb0434f1a439c3b92e69c7b9eefbd2167c493155e13a16ed03

SHA512
4ca84bed45f900eb776cbdce002a4239697c0c9e499df3c209c947df112cbfec4023f2ce863dbe0b6ee474fa8970f8ccaf91ebd1f664ca2e1ccfdf342964aeda

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
af3f99ce2111d8518ebf0730988fbef4

SHA1
bada78e51d1fa92b2db384a9fcd36c9e00e2fbcb

SHA256
a2e521e9b9e081483b51eb48f6b18c401614698ae12c013c7d5131fd230c2314

SHA512
15225d66edeb4a46b6745a812522b11de784d310a430cee8224c70f57a633f6057597a3b194f2117846d0d13b883080dca151129b69231ed6efb574de7e1bf1a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9142e95e055cd710d37919881fe0554c

SHA1
8143bfbbf32d7ba1d905b96742e0335b1967bd6d

SHA256
0144ee58a3d413434789694a404564301b9af1c02ad43e2f36e1747cce77d34e

SHA512
5b9b8cd540b665dfc04f848e4baa2f8ce7f12988133e1f622f4f22204faf3b014f84e72cb5b78b77ef3fe32b0889f7e1b5e50cf53cf036244548c4596d6ecd87

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b71c19cd98b1ace55baca139b448e4d8

SHA1
cc59c62fda8abbf3c2bf758839599765676c8efd

SHA256
375b95bc15a9390e52045d53f4ebb79f534841ead3736963bcaaca9c00e3fd16

SHA512
89597c3a8deb9b5acfb909a0093ee35c035347db7a1559ef050de8f8bcb5a83c75e99fb3aaa04a9b7e8914bb109db1aac948af41cbda50ede05b587305fb50ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
cc36656ba95c473e4635d03ee5fdb283

SHA1
a5c0579373f2fe3caac496ca2893253e117c636b

SHA256
bec681f3c68c402e2d2f9ad0970bc6e8d8d330521f129a6c9f9001cefa953202

SHA512
65aaef2ae1180c7584acbe7266ae77d5886da68ded83a826dad26a1758d3f159a49120516981d1c97e621f38f5efc120c3cca2ca4abee8e896aa66088c60d7d3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a1f7c00eec4d846f3e6e34199c04f126

SHA1
458cca8bae5422b934a82419e509e9cf7aacb67c

SHA256
e911aae1cee647becece1e20a194062ae01ff1ee9e2c519bccb3131124f631b7

SHA512
fe3bcb3d39a3f6fa6801314a671239d832c52760bbd949579b0ade95a2433597757ec2229b8b1c864df30879a8bc30582dbaf63fd15615ebdabc063c3268876f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
a8ad47eae51fc0b22ea7d33c2e97880e

SHA1
d0777ea9b12096e9086cab89ebbb650a34cb7a9c

SHA256
d39060438e96f0fbcbeb40c5602ffafa3792aad3dbb3b07ac060c7da40653e1c

SHA512
014908a63a40233b8692b5d3775207f266cbde2194e08f4908fbe474d56f7c39e5cf2be8f22af282b1478010d8cb450104d6d4c44be007f85a01e39447b27890

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a447db059b59a57eebf3ebf2870bfa84

SHA1
43d448bdcef7bcbce93b1cf9fc7a7f853da7572f

SHA256
4749f51bf96123342ca1ece790dadb474d8c0d59b30ff4f9f871bf3e77023aa9

SHA512
dbeccbcaa876060be84a170f8b89e4cf8d2d421d04df5511e96d3205002cda9824fd74bc31e467a7e1c233f06ab5643670cd28407d335277c9cad4e6e28c6835

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9b80b3a0976917c0355ebeb5caba6ba2

SHA1
a725254d26f8222c28ada96d312d8345ccabfd3f

SHA256
3afd89757899bb6753354630ba20a0901c3b7f1a293d19e483f620c7a162bb1d

SHA512
f96dc864a51358b114f76626f3daabe51c0304cc09521f5d41a4bdb9f13bbd1b51a09b28870e8200ced2cbfe3d072a19d4572602d8c2d52fdeac6df28083b16b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
213a589e13e0673e78844a33294dafe4

SHA1
0d41f85a1e3bbc804314f7d77970c3ca2b44c1af

SHA256
30da429e14c2d8a40c93a81aee632b8cbd57eb27a29525b79f18c0c3a59bae4d

SHA512
cec83d3d4391723ff2bd8ce128a283f51493288f804b368478654257d58f754cb3f9a1f8ff4d18b151e4dff27cfd50ad34d13943158b82c4583a970fd89f6202

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
b55835e078ab6f85f8406cd085b4eafb

SHA1
bbf02a304cdb53760a70a4fbe6e9651b55702594

SHA256
262992100214017b3588f3d2a6df7646e0a24d25f87877ff3e6637e27a2f34c5

SHA512
4036272e4d18f565a49a14596c48d3b39ca56e459e1689abcf053f416e41cf2ea56b374962e9c710bc5ab42b65ef8844ddc2c61ba5d892addadd8cb21028c52d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
04d3da4809a55ea7a6149386d05d08db

SHA1
39a77ab530d71de5d018107e87d2d34ea94753e0

SHA256
dfa425a1540eb6928489e145cdf52ccc3632d2a6e5ff30b70e7b664e8da61038

SHA512
d65b2b8703d8a94e31b5a1b7b193049c6e3935b6bca0a25feaef010765a02aef39e26d96b2ca658873b0b7d8c0f6ed7154bf1936cbadb2a1b213d66c988c92cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
ccaf3e9189dc6d9b855d976cb2fc5157

SHA1
430e84635c8ae4bacac647a78e96a9bca8468651

SHA256
0d7a9bc3bc7bc71395356ad7cd0d5a2ee4ddbb8c4ccb0b3db3e660780dc05f0e

SHA512
197f6a726204bfd9b398823995966765efa301046e34a5fa3748ecb285b241cd37dd29f04a022a0ed8357e7f3c6c7faef6e17ee26a114da697a307bc5f4d251f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe584b4c.TMP

Filesize
203B

MD5
059faa1adf816133372ec663f1987a19

SHA1
9efdccfda478472d8e468707cefaebadfc972c4f

SHA256
757b7f5930c545364df13677bb46e1679e157265a308cac7e3acf2189e6e2fb7

SHA512
384f861b1fce2be6d5a21bb9a74a1fab3f3665a0691cb254a014cd6223e50c612cfec8a3e74355b6989f11ef760ad8d4d10f27029ebf5449fe384ed83f61bec8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
fe1be80fcf1521ad0841b20819ff9f19

SHA1
9a643ab8119d14f808b153b8ffad053713b608f6

SHA256
13881aee565cebfb80f2cbf8d101787499a1752ac65103d365015f69c645aecf

SHA512
44ab3fe6c740fc5a7956bbf5da6b2951420d9cbe4e98527f2680f10bcc7ef11d6d930e0b0611e42923e1cf10ef45c0f8064dbe2a64c0ec34e0eacc812aaf87e8

Download Submit