55760f94fb53229ecfbca270c1b0fa1fbfe516024104d9bff8444f13589e8b7e

Analysis

max time kernel
145s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
28/02/2024, 13:38

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

ac02e46aa2b58a4b62720b85960a0715.html
Size

895B
MD5

ac02e46aa2b58a4b62720b85960a0715
SHA1

2502996217e1aa61800e368a149849bd3a3f7853
SHA256

55760f94fb53229ecfbca270c1b0fa1fbfe516024104d9bff8444f13589e8b7e
SHA512

7825f8b734b50f8cbd8952ade5766dbdc9e62eb825e18d5e212c940da3eccff1f6d53a083f7e270a5b7f27aa90dd63cfc940d25c753a08a749be9cce252efaee

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1224	msedge.exe
1224	msedge.exe
8	msedge.exe
8	msedge.exe
2164	identity_helper.exe
2164	identity_helper.exe
4240	msedge.exe
4240	msedge.exe
4240	msedge.exe
4240	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe
8	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 8 wrote to memory of 3484	8	msedge.exe	45
PID 8 wrote to memory of 3484	8	msedge.exe	45
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 4580	8	msedge.exe	88
PID 8 wrote to memory of 1224	8	msedge.exe	87
PID 8 wrote to memory of 1224	8	msedge.exe	87
PID 8 wrote to memory of 4488	8	msedge.exe	89
PID 8 wrote to memory of 4488	8	msedge.exe	89
PID 8 wrote to memory of 4488	8	msedge.exe	89
PID 8 wrote to memory of 4488	8	msedge.exe	89
PID 8 wrote to memory of 4488	8	msedge.exe	89
PID 8 wrote to memory of 4488	8	msedge.exe	89
PID 8 wrote to memory of 4488	8	msedge.exe	89
PID 8 wrote to memory of 4488	8	msedge.exe	89
PID 8 wrote to memory of 4488	8	msedge.exe	89
PID 8 wrote to memory of 4488	8	msedge.exe	89
PID 8 wrote to memory of 4488	8	msedge.exe	89
PID 8 wrote to memory of 4488	8	msedge.exe	89
PID 8 wrote to memory of 4488	8	msedge.exe	89
PID 8 wrote to memory of 4488	8	msedge.exe	89
PID 8 wrote to memory of 4488	8	msedge.exe	89
PID 8 wrote to memory of 4488	8	msedge.exe	89
PID 8 wrote to memory of 4488	8	msedge.exe	89
PID 8 wrote to memory of 4488	8	msedge.exe	89
PID 8 wrote to memory of 4488	8	msedge.exe	89
PID 8 wrote to memory of 4488	8	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\ac02e46aa2b58a4b62720b85960a0715.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:8
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe9ca746f8,0x7ffe9ca74708,0x7ffe9ca74718
  2⤵
  PID:3484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2236,11767053339694316095,9441375190524683963,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2236,11767053339694316095,9441375190524683963,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2256 /prefetch:2
  2⤵
  PID:4580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2236,11767053339694316095,9441375190524683963,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2708 /prefetch:8
  2⤵
  PID:4488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,11767053339694316095,9441375190524683963,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:3204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,11767053339694316095,9441375190524683963,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:3544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,11767053339694316095,9441375190524683963,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4200 /prefetch:1
  2⤵
  PID:1080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,11767053339694316095,9441375190524683963,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4208 /prefetch:1
  2⤵
  PID:2516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,11767053339694316095,9441375190524683963,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4164 /prefetch:1
  2⤵
  PID:628
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2236,11767053339694316095,9441375190524683963,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5032 /prefetch:8
  2⤵
  PID:3860
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2236,11767053339694316095,9441375190524683963,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5032 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,11767053339694316095,9441375190524683963,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1
  2⤵
  PID:3040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,11767053339694316095,9441375190524683963,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5644 /prefetch:1
  2⤵
  PID:4504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,11767053339694316095,9441375190524683963,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6044 /prefetch:1
  2⤵
  PID:1292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,11767053339694316095,9441375190524683963,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1
  2⤵
  PID:3520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,11767053339694316095,9441375190524683963,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
  2⤵
  PID:4276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,11767053339694316095,9441375190524683963,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6316 /prefetch:1
  2⤵
  PID:4708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,11767053339694316095,9441375190524683963,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5652 /prefetch:1
  2⤵
  PID:3864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,11767053339694316095,9441375190524683963,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
  2⤵
  PID:932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2236,11767053339694316095,9441375190524683963,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3048 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4240

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1932

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3692

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
cbec32729772aa6c576e97df4fef48f5

SHA1
6ec173d5313f27ba1e46ad66c7bbe7c0a9767dba

SHA256
d34331aa91a21e127bbe68f55c4c1898c429d9d43545c3253d317ffb105aa24e

SHA512
425b3638fed70da3bc16bba8b9878de528aca98669203f39473b931f487a614d3f66073b8c3d9bc2211e152b4bbdeceb2777001467954eec491f862912f3c7a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
279e783b0129b64a8529800a88fbf1ee

SHA1
204c62ec8cef8467e5729cad52adae293178744f

SHA256
3619c3b82a8cbdce37bfd88b66d4fdfcd728a1112b05eb26998bea527d187932

SHA512
32730d9124dd28c196bd4abcfd6a283a04553f3f6b050c057264bc883783d30d6602781137762e66e1f90847724d0e994bddf6e729de11a809f263f139023d3b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
bd426cb4e1f1f219128788f9f258e0c3

SHA1
aa5c3d725bd1412cdec099c95cdb7a6a6b63bb6c

SHA256
3c546b8f344539d9189ae2867d0718e22e702c5d50a7ec08be6f565eadd1abfb

SHA512
6bec79d40d6b89ea32889c9d44ada59868b38679e39933436d4028d2c56d0537f6f3b75f89eec0083bbc5d23dc5772f35f8adaa98be74388a96f4f9fe33943ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
fd1bfbf6c93b3ad5508ffdb6ae05920b

SHA1
32940b2c9e6fc357b0968bcf2636f1e61df36084

SHA256
48ed21b5ca1057539c11f6e9933643ff97e27ae04a2fb9a1ba56536135c605fc

SHA512
04596c648384263746e9f696903d765a29a9c50a32f27579b839be78c0666e52bdc3b5851ae15ae34acce957a0c9d215dacb266ccf0f2eebc38d45104d4396ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
908dfe74d1d94805408ed2df3fb21370

SHA1
ddbdd095c8ccd5624342a2837ad9bc71da9d9614

SHA256
c17926376a9c3eff5e8a06fabfea91f883ec8c7bee1153d7b27f273fbfa8dbc7

SHA512
321f4063b1cfbc96dff470897c29e2c3079989979a26f029cd344e0118850a2415c8b036b671f5d44a72cfe3cb9a5e96ca601973942921350a10c2d4bc3f1c2c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
0bae0fe71c6cbf47ffab0175a306d598

SHA1
46980621a07112f75bc60474a0b890c2278c854d

SHA256
a76c5cfd3ba9df9e2fc83360bba3bdf92ecee986c479c078bbc5f9969e94e850

SHA512
aa20f5a1b1b21e7fc438c9ecb5454e8ab644173e20549e189d0608100bd9741c880ce3500ecac8b13ddf7aaf2af592127f0a784358d5477df85e56390f0cce71

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
b8ab2bb821c077965b415dcff9254920

SHA1
7886c25971fc3c7c10db0c875335ec64f3204426

SHA256
65ca262f68a035775fe6dbf36d42aa9b03ab57fb3d7bf4862f84b9b75a50dc00

SHA512
ad2e2a67a74e2104890edb0c85a5fa9de1e54bed0e690b417def5b3834dc304a686c6fbdfbbdfd7f7fa38b129866ceeaf7144851c3de7a71c876b07ca05dae2b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe578637.TMP

Filesize
48B

MD5
9f99ef0fc41c40c89021bf1da4202bbe

SHA1
0adc4550f07cc38912c52fcb3fcb57edc6779519

SHA256
bfc0392de47f332391acf0f8d808e968cf4b76de8096458123f29a466963d256

SHA512
8170577add5934b561b374931c9bd627ce5fcb4941eb9f80695bb70d5bd13c6ce2f7a8432e758b019b1b21a9d837b36300f4228754c9e21d97d2704bfe6cc4e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
e4d86d896c84a7b5d4f0fb3710d2c809

SHA1
999731b7cdd11821a39270411f91a01c3a074aa0

SHA256
bda922e10f653cb17e9f1817b7f63879eb7aecdf6e3aabed0471f2762ad51eb6

SHA512
2076b94477b8b435fa5774957b714a366031967f38c6a9dc2002c2a770f191951c1f93c24959253ee97b73800508a8b1bbfee8f6b9bcb8408789232fa342ef08

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
8432c86213d167c1a2b3776ca34bdc89

SHA1
73474ddb16d80c5b31f74e4cc1308b50e7a22a3f

SHA256
56bfd3ab789284c5c3f451a590f4ea1d55f14221f18a90c906ff3195b12a7f1a

SHA512
8b0730d00e68d6bfd8195b25954160d3cf7dae993e427aad52ed5ebb434f6eca01eef8711272fd2fc0fe0ea9aa110a855825aa3e112f22abf5e66061d321ef85

Download Submit