9b4f426ee76c2485e784c7e4d2b135d2e64165d33410ddaa28bae840640d1c9a

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
05/03/2024, 07:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b42362bd4824826f41c0f99ec94c5524.html
Size

73KB
MD5

b42362bd4824826f41c0f99ec94c5524
SHA1

5bf4b624136562717dea5521bdb6c37d31012776
SHA256

9b4f426ee76c2485e784c7e4d2b135d2e64165d33410ddaa28bae840640d1c9a
SHA512

7f48894eb532ea4808ff6b76ac968ee56466d343b87864d9183c9d1c692c942e087545e12b2fd9b24b53373e1618731bf6bf2b10c612a59fada6cce5c8853d3f
SSDEEP

1536:EAPY8b8VSeO3hNfK3akoaS6cgRrvxhAGPzCB:xeO3hk3akR1xhAGPzCB

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1028	msedge.exe
1028	msedge.exe
1568	msedge.exe
1568	msedge.exe
3176	identity_helper.exe
3176	identity_helper.exe
5476	msedge.exe
5476	msedge.exe
5476	msedge.exe
5476	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 16 IoCs

pid	Process
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe
1568	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1568 wrote to memory of 4932	1568	msedge.exe	88
PID 1568 wrote to memory of 4932	1568	msedge.exe	88
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 4736	1568	msedge.exe	89
PID 1568 wrote to memory of 1028	1568	msedge.exe	90
PID 1568 wrote to memory of 1028	1568	msedge.exe	90
PID 1568 wrote to memory of 2676	1568	msedge.exe	91
PID 1568 wrote to memory of 2676	1568	msedge.exe	91
PID 1568 wrote to memory of 2676	1568	msedge.exe	91
PID 1568 wrote to memory of 2676	1568	msedge.exe	91
PID 1568 wrote to memory of 2676	1568	msedge.exe	91
PID 1568 wrote to memory of 2676	1568	msedge.exe	91
PID 1568 wrote to memory of 2676	1568	msedge.exe	91
PID 1568 wrote to memory of 2676	1568	msedge.exe	91
PID 1568 wrote to memory of 2676	1568	msedge.exe	91
PID 1568 wrote to memory of 2676	1568	msedge.exe	91
PID 1568 wrote to memory of 2676	1568	msedge.exe	91
PID 1568 wrote to memory of 2676	1568	msedge.exe	91
PID 1568 wrote to memory of 2676	1568	msedge.exe	91
PID 1568 wrote to memory of 2676	1568	msedge.exe	91
PID 1568 wrote to memory of 2676	1568	msedge.exe	91
PID 1568 wrote to memory of 2676	1568	msedge.exe	91
PID 1568 wrote to memory of 2676	1568	msedge.exe	91
PID 1568 wrote to memory of 2676	1568	msedge.exe	91
PID 1568 wrote to memory of 2676	1568	msedge.exe	91
PID 1568 wrote to memory of 2676	1568	msedge.exe	91

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\b42362bd4824826f41c0f99ec94c5524.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffda33846f8,0x7ffda3384708,0x7ffda3384718
  2⤵
  PID:4932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,6330789672055859565,6925106216595678527,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2
  2⤵
  PID:4736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2044,6330789672055859565,6925106216595678527,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2044,6330789672055859565,6925106216595678527,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2760 /prefetch:8
  2⤵
  PID:2676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,6330789672055859565,6925106216595678527,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3156 /prefetch:1
  2⤵
  PID:2716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,6330789672055859565,6925106216595678527,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3164 /prefetch:1
  2⤵
  PID:860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,6330789672055859565,6925106216595678527,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4628 /prefetch:1
  2⤵
  PID:2780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,6330789672055859565,6925106216595678527,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5516 /prefetch:1
  2⤵
  PID:3384
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,6330789672055859565,6925106216595678527,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5796 /prefetch:8
  2⤵
  PID:2904
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,6330789672055859565,6925106216595678527,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5796 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,6330789672055859565,6925106216595678527,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1
  2⤵
  PID:4772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,6330789672055859565,6925106216595678527,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5412 /prefetch:1
  2⤵
  PID:4764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,6330789672055859565,6925106216595678527,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5972 /prefetch:1
  2⤵
  PID:3304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,6330789672055859565,6925106216595678527,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5220 /prefetch:1
  2⤵
  PID:4008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,6330789672055859565,6925106216595678527,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4656 /prefetch:1
  2⤵
  PID:5892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,6330789672055859565,6925106216595678527,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4756 /prefetch:1
  2⤵
  PID:5908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,6330789672055859565,6925106216595678527,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4660 /prefetch:1
  2⤵
  PID:1252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,6330789672055859565,6925106216595678527,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2276 /prefetch:1
  2⤵
  PID:2680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,6330789672055859565,6925106216595678527,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1
  2⤵
  PID:5968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,6330789672055859565,6925106216595678527,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5992 /prefetch:1
  2⤵
  PID:460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,6330789672055859565,6925106216595678527,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6004 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,6330789672055859565,6925106216595678527,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5644 /prefetch:1
  2⤵
  PID:4108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,6330789672055859565,6925106216595678527,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1316 /prefetch:1
  2⤵
  PID:2976

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3196

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1076

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
47b2c6613360b818825d076d14c051f7

SHA1
7df7304568313a06540f490bf3305cb89bc03e5c

SHA256
47a22bea2e7d0154c59bf5d8790ec68274eb05e9fa6cf0eab0d648121f1a02ac

SHA512
08d2366fc1ce87dbe96b9bf997e4c59c9206fcfea47c1f17b01e79aeb0580f25cac5c7349bb453a50775b2743053446653f4129f835f81f4a8547ca392557aac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e0811105475d528ab174dfdb69f935f3

SHA1
dd9689f0f70a07b4e6fb29607e42d2d5faf1f516

SHA256
c91388c87878a9e2c530c6096dbdd993b0a26fefe8ad797e0133547225032d6c

SHA512
8374a721ea3ff3a1ea70d8a074e5c193dbba27ba7e301f19cea89d648b2378c376e48310c33fe81078cd40b1863daec935e8ac22e8e3878dc3a5bb529d028852

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\91a71ed1-2f9f-4284-b35d-23eef1e73b32.tmp

Filesize
6KB

MD5
88940508c90f5fbbb81b9367ea20f3f4

SHA1
27aa83b3cb83af7119be54b9fdd6e3cbe992a5c1

SHA256
1a4d99889a995d07a7ef2b16cadec98ae8abe28fd2e6dbe34bd69d954fa368a9

SHA512
255dc1cf109c64dd65498558fd022047a30f8720dbe5ced5970f5f1b6f5136c291e690686045b5bdde701a1a83b20f7ad758bd4daadfcf933bcb18bc51e12c96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
71KB

MD5
da52e38c98b0f2047abeb07609608ab5

SHA1
da1210caff36df73e49a0c271ff7d573c2d20d02

SHA256
726a2ef49785eaecce64e98fcb3490c40db06d6a205455784f3267a5b4b7c34b

SHA512
35adf36acd8e1c65f040663d7a064f642a6db5e0b7978241db8a9b4eb52b8ae71cef4e7bb1b4a0d85e4af1f7240d6d52e5a07f512e5e90504e063e51376b5f5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
61KB

MD5
468446a7240461af44b59ebb2047c231

SHA1
47b7c525dc91bece99df0c414960b9490b986ba8

SHA256
ae1a0126552472d1e1347ceb8027ed725db3b93fcbc0b39745a92412cc1641a6

SHA512
ac8cdf824112a3d25248e58f05495b458038d9388ba7e46e1ea8f6933cae23f044f4e532b74b13f52812bfaf602ca12ec152e44ce95266abe7cd6bd66b4a70b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
21KB

MD5
ab9158bd77cfb3310b79f13bdb8b4335

SHA1
a929ce2e0439cd283d8317790f5e00c1c93eea8e

SHA256
e321804d2a4f9293089cbbcd0ae9287daf5f0406acb67eed25f84ba82dd463f5

SHA512
02ad736bf6e531e31b8bc2b886794dda002175313f7ad9f4a5edede8ec8bffccc9600ef1f5b70c8280aedb9a1cae0dab9cba7c7a55d190a7662b92dcaa68398f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
54KB

MD5
b767a6d9687f675ff12741efbf6215d0

SHA1
0c3207eed6df6b2dba7b70f01de68b950d2417bc

SHA256
c951af82550a5ced4e81464adb206ee2fa6ed7bdf96e5ebf3e263c6573542dbd

SHA512
c71c6d1cfe03fa91f1f503f7920d5d958e04f6460b9e8318e0a0025dad30174e327278c68eb2cea8fb019d07dae0b0d861307d4751fa05b310dc4524abd7641b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
44KB

MD5
ad8ae7076731113fa275c548e7ec6430

SHA1
cedc20073c80cc688b9f90d4b4c1ae912d14fdfc

SHA256
6a3863cc63e6ba123d3ed5caa6e87d9387742583440480d756cdba14195dc370

SHA512
100977a6d88cc03b633f00848f744c9842bd5c5898b831323236f6014f7305ebcea281be6c22af9de3e692305a8f054e6cafabca6ea88b4b030ccaa888b383bf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
07d6c12199002e6ce7e43dfa4430c9e6

SHA1
4e63ae6605d544f1db8d03576acea06176285aab

SHA256
58540ebf93a93fdd27681b85dcb397f4e9cb4a741b329eb5b5dbcf3967b4a178

SHA512
9ae2ed708b32aa35f515a2bbc0348e23bc5247c467a5a8296919659cba9c1beafc9c51da19838489b55d3e3528bfd309a37b5482f04537b7b33d2b4bcb841784

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
8e8ecc3663e5ffac6a5be0f5ebb48ed7

SHA1
d30ecd9e65772c9669b9ee5a58bd7f96983fe180

SHA256
20a112680c7aafd1a5cc36e2c70106272a164e2154e96249f96c09822d2793a7

SHA512
b33da658893354f72126d199d3b9f5fa082d118ddf2b365e02052b49b8d058615b5b75741913b92b311a273d8a627b919b90b075ec52a2a4f5cb6fb23cd27a99

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
aae4de64cbc43e337a42986000f5f59a

SHA1
ce4c3467dcb805418ccacf13a987055f6c18bf5d

SHA256
730cfd1d3d719bfdefa5039aa6644a0b91fd35147c0c635bcf19a9adc07bc04b

SHA512
70c14c739888a8350d730aae24456de72c523760140c2be8df9c2f701d8008acc5299608b4f4d965cf9dab5ced2be2c65c034e0db018149ff4919e2cc77c9f0a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
7722d7001b0dc922c5666c3293a13cd8

SHA1
b30468c6b100e668fc42676cb6474801ab5e55c1

SHA256
5b295fa6b36e505ea190d20d054fd2e663b5b9882d76de82a3c5efe0d2af7874

SHA512
4c8d69abf059db63c2316c919927f437f1a610c842edbecbd071e5d2234a52c3ddf7c579a05e2691ec1529d990f727d7c61393eebb1ea9ab8de0c11d08f77605

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
2ddebf81647e177e8a08cd94011cdca7

SHA1
0f34b1c448daa53da4affbfc9beb85102fef0064

SHA256
72c36b008db2f2b842c1ab1a1ce13776a811724098627a456c6ea457508339c9

SHA512
9057adabfa081b2b4316a1bf27809a5cca07889619e436c11702362556b9c8a430d606a54dd4a0e203f6acd465746275ccc139bd9e0a94f94b5eae075df308b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1018B

MD5
313b2dac9db1a7fd25b24c8123c60f96

SHA1
68670653e2280fa946a06bca5328856f91362ab0

SHA256
1a8c4bea3a79b396d74951e60f1fcd0f99aaa0906b2ef2bd494accbcf0115bef

SHA512
bb63c61b3e25ee08d0945cca7779745486a39e005996e244369d10f08e9c46eef01b38c9693b125cd73c4db4bd272724e2b518e4b7398f53c93722894fe1fe39

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
40606dc31980c6939cbe62d6c8e27732

SHA1
bb890ec4b04797c0c356ee6ddb53b16e5979e665

SHA256
2ad5f43e883978c126faf88e97aed03961fb17bb20ae083257a5180de5d95281

SHA512
436dbf9177b5456dad3e6ee084dd6ae6eae3179bd5370552e636cc684f42adaa8e628fcbe99f03463282787def24768fbfc467f3d5aa263a8759fa59078eb969

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
51a0dbef5cd16e1a247cd21bc8ec459d

SHA1
76894d446e4c03c029602d06ee7ca1f15f122e64

SHA256
f32b15cb4269d8168140f77d4f11b5eedcc6a6eba6108fc6c1f681d2402f3bad

SHA512
2f84c307eb800b8e5dd00e3132515ee5176c035c0c1cbe96b756f0377c544a89e4b32bd5ca5ad93e2112f464f5fb855ae143a88cdbd567527229afc1ef941316

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
50476e924d3267b308ba9e80b95365a9

SHA1
48992feb9685b2e15c58a4a7f630c2b6ad01d5be

SHA256
6437d00ee0c8c2dd31e8fcb811429c10dca13579930484ca71cf0f6cb2aa4df2

SHA512
eb4feec8c497c73fdacafbed6cc580012ec29f62e00778a7c99dee6b043663fdf09bb6635439d15ae2b12db6416273128362c1c53be4e5a1deee65f96f6acce6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9f495a13c226410ebd453dd11fc41143

SHA1
7e6c0ad6719d870a35f3ce4f258a554388f545d4

SHA256
1980f13acc9d4ba536f8377f916ba5e2102f24e1b959ec798921ebd8af0b0bd9

SHA512
8eb89dd7e60ba16fd069db578d8b57d7a2db679fe8cf8d72798cb21c13ac3d38a2a39aac89b6701047eddf97a0134ef66b741f4c7f916a3dc212ebbdfba7660b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b62df7f57089d7e5b392543c0eecf706

SHA1
a3978ac277482bc303af2c361c06ca3b49044464

SHA256
8a1566d517d54ed72688cfeb84e907bdc09563326523b426e04cbf472bd3baa9

SHA512
62022f0600b8c7e123ab8bd1ba23a7fdcde3b1b62e627ef53ffe0cb2bd09f888ee5aa286e47359decb214409d80d06f45eeb0c2a92a73a7579d2e05ac99faaf5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
203B

MD5
ddd7bb9a51638cb17e56eb3e311c949d

SHA1
63acf7d2b76b042f44245ecb37468426038c45fd

SHA256
f98ea8eb3ae9995447a1aa8547b81884e9da16142537fc7eadd05f437b6a9d4b

SHA512
f672d7f29b6b7186e24fbd402dbe53a605ef22416424ed3f4742765fb7025f4d4f6ae2a3304beefb44df9449a0035b74c78a41456f79867820d7a84514ea0255

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
203B

MD5
c2943368cd69fdad428205c779900156

SHA1
2222db34ca7df290317f7d00c717d9c1729dbe07

SHA256
29c9a5a84c78c7659414bde2a5bd5bbfd33eb63849d9fa457b8d0f20a75f61d1

SHA512
04d171717b71413e31d7495ade31fe793d52ba07dae0af6dd4237e75c709cbb3efdd341d93997a87780e0b1ec6fb4b0bdbab0cd1c0b042fb5a0efbff90da2ca6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
203B

MD5
a21ddb65021724e1b59a7644eb29d711

SHA1
32192200a52bd95c1fb5a5de5739bb927ef1f437

SHA256
1f0b7fdd438520c658c9605dca3d42b3ed824c51a0bca52fdbe96c34de43300b

SHA512
24f8cb15b715b31f1e371bb2fcab32450ed42fd6afb7631ce17294b6b1a853c2d7c0600791b74feb9f1d8f9a16c806516a7377ee635fc19c4d288c8f99e8714d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
203B

MD5
77561020f0f9897a1cc77725659f45ad

SHA1
05c52541238613cf0ac044349c86cba69434c119

SHA256
bdbed019ea077735f6e7c0899527622cf8afcb5cf922722e5aefde3effd962fb

SHA512
664351b1adf7935b5d544288496b5ef94b43726df7f3c48cf7e4ae18dd21e46a4fe0a56c9e8ebf0470c996faba2cf3283e5cbe19a2c57b424bc1f447d35042d3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e908.TMP

Filesize
203B

MD5
246e4a1d021e1b2994eefc0b71bca373

SHA1
049923977d5d632305f422e2b32e255f9e702629

SHA256
d7fb94d6326279930a044bf58d28cde43efca7a95157d57214a226b0e0079c55

SHA512
25e1b56c2de673cda7ac2e9deca922a495b2be33844b674b4cbd6fdf55471221681c0c0240f2a3be8b2369ea8b52c6154dfe829470dd824262ef87f68d6b897a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
dae22a2c67b305a6fb57207cd144d871

SHA1
f311f5fb73ef7e1e8a17d40cf3273e338d4979ba

SHA256
6d19cb1264eedf125bd610003ed29c018774a08277e4e751019c32db1b0ac0c2

SHA512
0cb7441ac324c164d0d8ea29fcea79c6d4158b4e3149c07b45ccda1261be3e211a3ba6067d3317e9c63eab51a14698eb7b1bc1279b8fed942cc1361113d761ff

Download Submit