a57f776496d7f175712fb5972ef0888441587fa3f520d4c671030fc57516bf9d

Analysis

max time kernel
145s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
27/02/2024, 19:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

aa03f400e48d693ad2282c4065cbe80c.html
Size

432B
MD5

aa03f400e48d693ad2282c4065cbe80c
SHA1

72aa45367d069170e9eadb0b685ce468165431ac
SHA256

a57f776496d7f175712fb5972ef0888441587fa3f520d4c671030fc57516bf9d
SHA512

61c7c287a015aee61f39abde08928814e2b719444aa97e48348c30eb586c3af7558a8cdc026612bda66596deb876969a3dab6c14eb51c1ebd50522bd9e27fb7a

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4300	msedge.exe
4300	msedge.exe
4952	msedge.exe
4952	msedge.exe
1144	identity_helper.exe
1144	identity_helper.exe
3772	msedge.exe
3772	msedge.exe
3772	msedge.exe
3772	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs

pid	Process
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4952 wrote to memory of 4936	4952	msedge.exe	44
PID 4952 wrote to memory of 4936	4952	msedge.exe	44
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 1440	4952	msedge.exe	90
PID 4952 wrote to memory of 4300	4952	msedge.exe	91
PID 4952 wrote to memory of 4300	4952	msedge.exe	91
PID 4952 wrote to memory of 4452	4952	msedge.exe	92
PID 4952 wrote to memory of 4452	4952	msedge.exe	92
PID 4952 wrote to memory of 4452	4952	msedge.exe	92
PID 4952 wrote to memory of 4452	4952	msedge.exe	92
PID 4952 wrote to memory of 4452	4952	msedge.exe	92
PID 4952 wrote to memory of 4452	4952	msedge.exe	92
PID 4952 wrote to memory of 4452	4952	msedge.exe	92
PID 4952 wrote to memory of 4452	4952	msedge.exe	92
PID 4952 wrote to memory of 4452	4952	msedge.exe	92
PID 4952 wrote to memory of 4452	4952	msedge.exe	92
PID 4952 wrote to memory of 4452	4952	msedge.exe	92
PID 4952 wrote to memory of 4452	4952	msedge.exe	92
PID 4952 wrote to memory of 4452	4952	msedge.exe	92
PID 4952 wrote to memory of 4452	4952	msedge.exe	92
PID 4952 wrote to memory of 4452	4952	msedge.exe	92
PID 4952 wrote to memory of 4452	4952	msedge.exe	92
PID 4952 wrote to memory of 4452	4952	msedge.exe	92
PID 4952 wrote to memory of 4452	4952	msedge.exe	92
PID 4952 wrote to memory of 4452	4952	msedge.exe	92
PID 4952 wrote to memory of 4452	4952	msedge.exe	92

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\aa03f400e48d693ad2282c4065cbe80c.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8bd1546f8,0x7ff8bd154708,0x7ff8bd154718
  2⤵
  PID:4936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,923747772377846263,5680123218464014229,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2
  2⤵
  PID:1440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,923747772377846263,5680123218464014229,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,923747772377846263,5680123218464014229,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2828 /prefetch:8
  2⤵
  PID:4452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,923747772377846263,5680123218464014229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:4044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,923747772377846263,5680123218464014229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:4472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,923747772377846263,5680123218464014229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4176 /prefetch:1
  2⤵
  PID:4556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,923747772377846263,5680123218464014229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1
  2⤵
  PID:3304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,923747772377846263,5680123218464014229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
  2⤵
  PID:2596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,923747772377846263,5680123218464014229,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5500 /prefetch:1
  2⤵
  PID:724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,923747772377846263,5680123218464014229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
  2⤵
  PID:4512
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,923747772377846263,5680123218464014229,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5776 /prefetch:8
  2⤵
  PID:3536
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,923747772377846263,5680123218464014229,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5776 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,923747772377846263,5680123218464014229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6128 /prefetch:1
  2⤵
  PID:4492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,923747772377846263,5680123218464014229,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6024 /prefetch:1
  2⤵
  PID:3760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,923747772377846263,5680123218464014229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4252 /prefetch:1
  2⤵
  PID:1940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,923747772377846263,5680123218464014229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5600 /prefetch:1
  2⤵
  PID:5036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,923747772377846263,5680123218464014229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
  2⤵
  PID:2552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,923747772377846263,5680123218464014229,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3432 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3772

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1580

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5096

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9ffb5f81e8eccd0963c46cbfea1abc20

SHA1
a02a610afd3543de215565bc488a4343bb5c1a59

SHA256
3a654b499247e59e34040f3b192a0069e8f3904e2398cbed90e86d981378e8bc

SHA512
2d21e18ef3f800e6e43b8cf03639d04510433c04215923f5a96432a8aa361fdda282cd444210150d9dbf8f028825d5bc8a451fd53bd3e0c9528eeb80d6e86597

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e1b45169ebca0dceadb0f45697799d62

SHA1
803604277318898e6f5c6fb92270ca83b5609cd5

SHA256
4c0224fb7cc26ccf74f5be586f18401db57cce935c767a446659b828a7b5ee60

SHA512
357965b8d5cfaf773dbd9b371d7e308d1c86a6c428e542adbfe6bac34a7d2061d0a2f59e84e5b42768930e9b109e9e9f2a87e95cf26b3a69cbff05654ee42b4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
508B

MD5
2fb19cc4b3f178738eca220a88f950e6

SHA1
e3768e33304006f8bf824a25978bf05b1c291cf1

SHA256
c627317ba96af70344de3edd99d555ec0432d5f5835fe0c7b4904bba1bcc63db

SHA512
453fe7b3b01c162fa6dcf111a0c83c3200bb393565ff03b0f899d42ae81bc2b23b738d13e0719e314f035cc6bffeb31b12a8b1551cee095926d067a21ee3d840

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4493a415c82887c03f7a170f58bfb63e

SHA1
cbfb1b7a4b54bae16511455974874946ee955215

SHA256
53aca74eac34f4305f530872f30c944cbf5de8d5e7a899c256dc6fbeb6b25df7

SHA512
458cdf301e66d58698d847df3f98a3b0d22796f6e009fc4aae9eeed2600b632dbecd5817a34cf694ec2ba599c755422158da5e34036f973462e2a02e1cdd8e71

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
40d77a2d669a6054ee41bfd6340ddf88

SHA1
6a7f2a3cf06aea51e79a2da9ce0ff9f960d51888

SHA256
d15e252f18e43a511e67b26f9624464420096f5b4689c067013e188ed05a0af0

SHA512
55ac06b7e6cee96d0412cb941192754c33ef0c67bcdfd272bf75f9c723418ab1408a976b5caa81248d1b088e23ee817180544d092aaf54f3fedf79ffdbc6fa5f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
97eb0b43fcac7af22e3da57e16830e83

SHA1
ec81b4c561eb0adc7359beba25ac49d9abe16e49

SHA256
41b327e087b70b83b0e01151e4f28986be34bda403bf980974969c1d84a4bce1

SHA512
dbc980553229093aafe1653bccffd07ded587a1d609dc230a8e76b3a3950193266c7c19ece85d1e2820a10410c8ea2a23ba56e1b1c31b286ee145fa289ad4eaf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe578b29.TMP

Filesize
48B

MD5
e888a013bfad9e287689aebf5bacb19e

SHA1
580a54c52f44150369a445809499b0102f835ccb

SHA256
8c3358b8833ecc348c3a6bb631026c32b8d2cb7180ec87c953b9ee5fb430ae63

SHA512
32213322c9779b317c25cabbe21f1c58378647e71dc34b548afd42e8d929ca2cd201aa1a11aa2ff51b058daffea610a2668e45093a0c560dfe2c07b0bd1f20d7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
74a9d9857e3299a190cd90f22bdbf152

SHA1
4cf9a2e512cca5a5873ab2bfde3d15d2d88efab4

SHA256
b19293df50ad19acbe8948170f8d1d9fee4b3e6d3da3835f27eb081176652101

SHA512
88539439df0755e11acee81f33a44666e1b910f463e870b1a3fe6925e3494ea9e6d38e58fb92146ed0c20e202c011020d31d598421f96787d0462753890c8221

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
527701bd6fe2a05a240d5b3fc3677d84

SHA1
9637374560eb89d8fbb096cb5b03da96b5f8b670

SHA256
757389dc8d8e5e1a5ffab5dd6d7dbf58fc757391a021acea50a26c26a6f2a815

SHA512
a8ca5c45c9f3292eb55742a530d54d20b2e2086a784b4aaab8aea76bb7a0cd823b0923ddce2e64f18dcd8e7e772d1ea029520040dcd006511b625ed50fb58672

Download Submit