3b225c102e1d1c07dc917f88e58b7f383055273ea349448a446bbf721bf0a294

Analysis

max time kernel
145s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
27/02/2024, 16:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a9935f7f32ed7f107514f9bd9f6efde6.html
Size

432B
MD5

a9935f7f32ed7f107514f9bd9f6efde6
SHA1

c97a15118bb05cbf75cf3ca4e34febe4f715ffe7
SHA256

3b225c102e1d1c07dc917f88e58b7f383055273ea349448a446bbf721bf0a294
SHA512

02ae8e0e9a6042694865eec6be819e69d4e8bf0fb354e60e0e0d6f4ec31968171f1681cf95e40468c6a1f0f409c12903917340014a605f182b1f951e8b4ab68f

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3444	msedge.exe
3444	msedge.exe
4244	msedge.exe
4244	msedge.exe
1932	identity_helper.exe
1932	identity_helper.exe
4668	msedge.exe
4668	msedge.exe
4668	msedge.exe
4668	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 15 IoCs

pid	Process
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4244 wrote to memory of 3128	4244	msedge.exe	32
PID 4244 wrote to memory of 3128	4244	msedge.exe	32
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 4436	4244	msedge.exe	90
PID 4244 wrote to memory of 3444	4244	msedge.exe	91
PID 4244 wrote to memory of 3444	4244	msedge.exe	91
PID 4244 wrote to memory of 2384	4244	msedge.exe	92
PID 4244 wrote to memory of 2384	4244	msedge.exe	92
PID 4244 wrote to memory of 2384	4244	msedge.exe	92
PID 4244 wrote to memory of 2384	4244	msedge.exe	92
PID 4244 wrote to memory of 2384	4244	msedge.exe	92
PID 4244 wrote to memory of 2384	4244	msedge.exe	92
PID 4244 wrote to memory of 2384	4244	msedge.exe	92
PID 4244 wrote to memory of 2384	4244	msedge.exe	92
PID 4244 wrote to memory of 2384	4244	msedge.exe	92
PID 4244 wrote to memory of 2384	4244	msedge.exe	92
PID 4244 wrote to memory of 2384	4244	msedge.exe	92
PID 4244 wrote to memory of 2384	4244	msedge.exe	92
PID 4244 wrote to memory of 2384	4244	msedge.exe	92
PID 4244 wrote to memory of 2384	4244	msedge.exe	92
PID 4244 wrote to memory of 2384	4244	msedge.exe	92
PID 4244 wrote to memory of 2384	4244	msedge.exe	92
PID 4244 wrote to memory of 2384	4244	msedge.exe	92
PID 4244 wrote to memory of 2384	4244	msedge.exe	92
PID 4244 wrote to memory of 2384	4244	msedge.exe	92
PID 4244 wrote to memory of 2384	4244	msedge.exe	92

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a9935f7f32ed7f107514f9bd9f6efde6.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff513146f8,0x7fff51314708,0x7fff51314718
  2⤵
  PID:3128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,851421127072618498,6308789082685796197,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2
  2⤵
  PID:4436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2152,851421127072618498,6308789082685796197,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2152,851421127072618498,6308789082685796197,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2876 /prefetch:8
  2⤵
  PID:2384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,851421127072618498,6308789082685796197,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
  2⤵
  PID:1248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,851421127072618498,6308789082685796197,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:4936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,851421127072618498,6308789082685796197,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4192 /prefetch:1
  2⤵
  PID:1592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,851421127072618498,6308789082685796197,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4152 /prefetch:1
  2⤵
  PID:2020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,851421127072618498,6308789082685796197,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3512 /prefetch:1
  2⤵
  PID:2468
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,851421127072618498,6308789082685796197,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4824 /prefetch:8
  2⤵
  PID:4232
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,851421127072618498,6308789082685796197,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4824 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,851421127072618498,6308789082685796197,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5944 /prefetch:1
  2⤵
  PID:2256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,851421127072618498,6308789082685796197,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5956 /prefetch:1
  2⤵
  PID:1896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,851421127072618498,6308789082685796197,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4128 /prefetch:1
  2⤵
  PID:4876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,851421127072618498,6308789082685796197,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:1
  2⤵
  PID:3484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,851421127072618498,6308789082685796197,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4268 /prefetch:1
  2⤵
  PID:1532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,851421127072618498,6308789082685796197,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4104 /prefetch:1
  2⤵
  PID:624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,851421127072618498,6308789082685796197,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6192 /prefetch:1
  2⤵
  PID:3900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,851421127072618498,6308789082685796197,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
  2⤵
  PID:1172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,851421127072618498,6308789082685796197,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6608 /prefetch:1
  2⤵
  PID:912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,851421127072618498,6308789082685796197,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6548 /prefetch:1
  2⤵
  PID:1704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,851421127072618498,6308789082685796197,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5288 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4668

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3900

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3324

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f35bb0615bb9816f562b83304e456294

SHA1
1049e2bd3e1bbb4cea572467d7c4a96648659cb4

SHA256
05e80abd624454e5b860a08f40ddf33d672c3fed319aac180b7de5754bc07b71

SHA512
db9100f3e324e74a9c58c7d9f50c25eaa4c6c4553c93bab9b80c6f7bef777db04111ebcd679f94015203b240fe9f4f371cae0d4290ec891a4173c746ff4b11c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1eb86108cb8f5a956fdf48efbd5d06fe

SHA1
7b2b299f753798e4891df2d9cbf30f94b39ef924

SHA256
1b53367e0041d54af89e7dd59733231f5da1393c551ed2b943c89166c0baca40

SHA512
e2a661437688a4a01a6eb3b2bd7979ecf96b806f5a487d39354a7f0d44cb693a3b1c2cf6b1247b04e4106cc816105e982569572042bdddb3cd5bec23b4fce29d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
c232f185d8518b42609d5fc7a24431e4

SHA1
c974819ae7a024e0d9752a0d0713863818046e70

SHA256
2e4f2ab11e5212bc82efc91af619ba452af78dc22d5d1bee5722857ccd79d038

SHA512
1e6509f2dff01602b2d534721f99f4af59dce39c052374040e56becd671ec7439f34af6cb7ccae90d9de710a86b5588acd490cae693010c36fafd2ff0f2c87fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_1d74127ae19.turbolinks.co_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
08437d2c79c1965ae64f6d86955ecf24

SHA1
4e1e6410104b61a4aad28b3923047058d96b4ac0

SHA256
449ee3b05ac9c8a2e3b5ad2d596b525e52066e04b78e6498d98004936e11d8fb

SHA512
80f61bf7a09cb4829bc1fc71b19461cfb34a794e2614f15e20483a07c5bc8b8c5ac801150aa7f1cf2821c1c89c8e9d562a1fff38849257c6c1fd9fcd7c6b1029

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0818efd635b1978f49ad4629064aa58c

SHA1
cde0abfe9d644d1190ba2517ca24b41b7fd0e0cd

SHA256
005116522dc8d723b9fd29af6bec21d8790a9d58f7ac2a4548ee41cada6703f3

SHA512
a27b57f6ce04b1fe04f2a801d044521c621cc6b1992cf749e173acbaaa713338219a9b38e083844c5951c8332dda4ac4dd20d0085e38b2c26c897c09790b1293

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
de7c8e00404897370d8326ec7fcad377

SHA1
1a4b11af795d519aa80835cf043c79ee4139415b

SHA256
af2f1b0e66e79155135fdad30d1b72ce338efdd3199706564279e9a65c9a5c29

SHA512
f48c8d5636528d1f6357976ca9552021cf91cdbfae5181e11369f9f9b7ae341a6f236f3b13411f0b0713a38401b2c96152022df35b8fc91ff21c43c5380f8b21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
b011a7fcf4e3e69fd36c9b51e66a7e7c

SHA1
9295293a22c9e411177eb4c2ceec04b7faf86b08

SHA256
a1483640e847b763eda506ef01141fed65b49380405098fc4444a1dc6773122d

SHA512
257b1a2709fe974bcad14f277f4bbc1d3cd8d896beef689cf2c80b84011fe8ac3b10e55c7588c6e9e026dd777a85c4257f91172bc04ed074162d459ec74440b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe579819.TMP

Filesize
48B

MD5
dded3aaadfe901a814ceb9bd0128a53d

SHA1
47307c839a3404bdf5ecfb7346b5b1380b6e1483

SHA256
5457b193decd6e951595f25eba518ac42155e9a36f84e190082529c3f670d201

SHA512
ab5fc7a44057f1476406053fd47ebbf2c61999b5ccef2412c03eb45abe941bc7e92ab297ece37fa77aa4a89865e6a05a06027c679a793be7131c70a4f2c108d3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
dba5dde21561fc630ee2f7b4e8242d50

SHA1
c1ea186e850a259708ca36fa83e8dfaaca79ca0f

SHA256
f1ee6d39068536fd12ac712c20081643e3b491abbcb76fa39b101f7868e47c48

SHA512
f767b31f53e7a65e2a0d23152d50ec7bed441e50180bef6294cd91967fd84048b3b76bc1f215c704a7e2b7c7d2b21bfabbc97aa68d50c8c2637be4f7e81560d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
41abb296ffe197ab48858bb2d5eb2115

SHA1
928c93f573da0a3d148449538bb7891e3f1e32d0

SHA256
a4ea450f423d67cc4899df529a6662c553867362ace1929061f53a6d43cc0fb1

SHA512
418f026c52e8a51ace3add229bd12260d1fad159569e52d3610351968a9e70c985891f7f514bacd7acae1e3a0df957ab268f55118a3c57dc46e7fc123bd6eda4

Download Submit