2778f5d7578ac07dd5a44e4082b96f1be5859b329e3a78f9000b7b888b00403a

Analysis

max time kernel
146s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240221-en
resource tags

arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
submitted
25/02/2024, 14:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a4127a3c2e9e3b9ea27fc5bcd30532ec.html
Size

432B
MD5

a4127a3c2e9e3b9ea27fc5bcd30532ec
SHA1

6ce1915f102adf49c414c4e1b61f87160b1a5cfb
SHA256

2778f5d7578ac07dd5a44e4082b96f1be5859b329e3a78f9000b7b888b00403a
SHA512

93b792ab9d73720daa27687143a3bd3ac4e7d691fd99996a5eaf250b0c86a6481e282916a8400d57e3fc0ec8d24341fb5e59e581e973d6156dda90b71ab8b1ec

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2952	msedge.exe
2952	msedge.exe
2376	msedge.exe
2376	msedge.exe
828	identity_helper.exe
828	identity_helper.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs

pid	Process
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe
2376	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2376 wrote to memory of 4936	2376	msedge.exe	72
PID 2376 wrote to memory of 4936	2376	msedge.exe	72
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 4028	2376	msedge.exe	87
PID 2376 wrote to memory of 2952	2376	msedge.exe	86
PID 2376 wrote to memory of 2952	2376	msedge.exe	86
PID 2376 wrote to memory of 2676	2376	msedge.exe	88
PID 2376 wrote to memory of 2676	2376	msedge.exe	88
PID 2376 wrote to memory of 2676	2376	msedge.exe	88
PID 2376 wrote to memory of 2676	2376	msedge.exe	88
PID 2376 wrote to memory of 2676	2376	msedge.exe	88
PID 2376 wrote to memory of 2676	2376	msedge.exe	88
PID 2376 wrote to memory of 2676	2376	msedge.exe	88
PID 2376 wrote to memory of 2676	2376	msedge.exe	88
PID 2376 wrote to memory of 2676	2376	msedge.exe	88
PID 2376 wrote to memory of 2676	2376	msedge.exe	88
PID 2376 wrote to memory of 2676	2376	msedge.exe	88
PID 2376 wrote to memory of 2676	2376	msedge.exe	88
PID 2376 wrote to memory of 2676	2376	msedge.exe	88
PID 2376 wrote to memory of 2676	2376	msedge.exe	88
PID 2376 wrote to memory of 2676	2376	msedge.exe	88
PID 2376 wrote to memory of 2676	2376	msedge.exe	88
PID 2376 wrote to memory of 2676	2376	msedge.exe	88
PID 2376 wrote to memory of 2676	2376	msedge.exe	88
PID 2376 wrote to memory of 2676	2376	msedge.exe	88
PID 2376 wrote to memory of 2676	2376	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a4127a3c2e9e3b9ea27fc5bcd30532ec.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xd8,0xe4,0x7ffa178346f8,0x7ffa17834708,0x7ffa17834718
  2⤵
  PID:4936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,17904591354174433736,7676545803566342983,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,17904591354174433736,7676545803566342983,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2
  2⤵
  PID:4028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2068,17904591354174433736,7676545803566342983,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2736 /prefetch:8
  2⤵
  PID:2676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17904591354174433736,7676545803566342983,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
  2⤵
  PID:2020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17904591354174433736,7676545803566342983,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:4024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17904591354174433736,7676545803566342983,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4660 /prefetch:1
  2⤵
  PID:452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17904591354174433736,7676545803566342983,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:1
  2⤵
  PID:5076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17904591354174433736,7676545803566342983,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
  2⤵
  PID:1432
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,17904591354174433736,7676545803566342983,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3416 /prefetch:8
  2⤵
  PID:4272
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,17904591354174433736,7676545803566342983,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3416 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17904591354174433736,7676545803566342983,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1
  2⤵
  PID:4660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17904591354174433736,7676545803566342983,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5776 /prefetch:1
  2⤵
  PID:4324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17904591354174433736,7676545803566342983,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
  2⤵
  PID:1968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17904591354174433736,7676545803566342983,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4776 /prefetch:1
  2⤵
  PID:1088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17904591354174433736,7676545803566342983,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4784 /prefetch:1
  2⤵
  PID:1540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17904591354174433736,7676545803566342983,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4800 /prefetch:1
  2⤵
  PID:2020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17904591354174433736,7676545803566342983,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5700 /prefetch:1
  2⤵
  PID:3116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17904591354174433736,7676545803566342983,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6472 /prefetch:1
  2⤵
  PID:1608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17904591354174433736,7676545803566342983,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5824 /prefetch:1
  2⤵
  PID:3928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,17904591354174433736,7676545803566342983,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6964 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4288

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4776

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3608

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
58670ac03d80eb4bd1cec7ac5672d2e8

SHA1
276295d2f9e58fb0b8ef03bd9567227fb94e03f7

SHA256
76e1645d9c4f363b34e554822cfe0d53ff1fce5e994acdf1edeff13ae8df30f8

SHA512
99fe23263de36ec0c8b6b3b0205df264250392cc9c0dd8fa28cf954ff39f9541f722f96a84fbc0b4e42cfd042f064525a6be4b220c0180109f8b1d51bbdef8ff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
3782686f747f4a85739b170a3898b645

SHA1
81ae1c4fd3d1fddb50b3773e66439367788c219c

SHA256
67ee813be3c6598a8ea02cd5bb5453fc0aa114606e3fc7ad216f205fe46dfc13

SHA512
54eb860107637a611150ff18ac57856257bf650f70dce822de234aee644423080b570632208d38e45e2f0d2bf60ca2684d3c3480f9637ea4ad81f2bcfb9f24d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
3ccd6373d879494a52b5e1d00900804a

SHA1
8df89095e58a18fd8ca2f1729a9250cc8fb75047

SHA256
e73939b094cf582fa49cb27a6bfbdc17db8bf992bb332ad920ad5b9fb75d5d37

SHA512
59f2fbb42db91132361e2ee8aa4743b6a57b0379db10b5a7074bcee02fa63d7c22749af4810dc5813c43b6604487f66dc7bcdcf3eb3bee23128a370cf87e57f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
560be6d1cca11b8ef5854c68fd05fe3d

SHA1
ae2b4d9a08e42b72364eb13096b311c4cbc1546a

SHA256
ba9861fbbf13996ef7f4af9d7ce3ee943a4043125d3c0a9fce799e5f509886b5

SHA512
64d37c404a99e3a6952a46335326213f103fc7a2de351cc93b77eed1f6c5f5874eed326b9cf35c2bf573af1da59786a9a7bed2bebf0b77ebaa4f7d9770f170f4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8a29ac1701955e55ec2997e4a9f1affe

SHA1
38c31c70688cc90c6f48bb028ebe2b1d7fec7d24

SHA256
acaa057457b731721d8f95e0c462e8631be9611811873c5d58f2a169ee6dee00

SHA512
8dd981a1a4a3e4a9341bc1c557763451796cb2a83a5b8b7f60a27fb48da2b6dee621397201c7a30511e5a3b40a5f0ff40d4e9f2e1dcffb21c9c89223617ee014

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
30e8654c7b3747b3b5904ec86254f920

SHA1
bee721d7590ccd8e36d47231caf913c719274ced

SHA256
a59b2972fc86e74ab0af0753b3f49bf5fedf495a48fa8a7b6ba9ef6d9b84126b

SHA512
8fc2780faadff53539d38a693616e90d4e4b5cf46d50b3f061a5b1e884c95799a7b167722cea5d45443abf009cce2735f43714a8197b91c169155cd9413feac2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
da9aa2b5eca5bb723d7caf75ed4ac1fd

SHA1
b4c94cc5f194dc197ce60425557d6f9113683445

SHA256
02aab70ff47abb5493683ca1b650a7a1db5eae9ca95c0fe83630aaccc7b5f00b

SHA512
e7b8efbe87ec4daf1e3066d5f685ecdea73507634d8c5291371dd451d47b40472a4e9f5a240f18d41815209f6ae8da01c72abde54eb4cd2ee9f055116aa8359b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57d3ab.TMP

Filesize
48B

MD5
edb247594316d6772b8422fb555c6b81

SHA1
cfdfdd4b0d757f733dcf361b5f0a69a355c9bf2f

SHA256
36413727edd57bc6f27e9e76fdacf7bba052dde6a0a6206d258d375c8d4ee276

SHA512
3ae7b63426d61ca08062bf8378c099e12c0c588ba20795cf8014209b3d71050f28934e7aedd0d9ed9d65cdbe23c0298cc717cefc74e8118e9212a18b45eadf70

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
1fd675998d60d259e618cc33a401b327

SHA1
879e5de12d748b3022dacc7ffef29576b4df526d

SHA256
f7c42866bef47d44b2f44587176a360c730c7fd73a8f0bc4781648bd1240888e

SHA512
c6d75f022ceced0ebc7076c2f4b7222ce365f1e1a86a6934ed52a9744056944d0900ab49677fc014b2fbabb6b5a4b312d5c7d1292fb6d340cb08651496dd5d0a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
83406cdff12fa35ebfff497f42b483b1

SHA1
6f73c496c078361a7284b46dca0ec75c333f767e

SHA256
3b9444fb20a49e2654281053bbe8ef25dca90887d451dd26e818d62c3ff9c8b1

SHA512
9daee89a3adb22835f5130c1cd28476cfecd2c917b27dcdb2370b25e7ac779d6509f30f2a880629342b3209dc7878c9d0e31387d77bf25894fbc309c75a5abed

Download Submit