798070d0a5a38d654e60b72fa75904d03f98e66aeefad6be31c7550e4103fb36

Analysis

max time kernel
150s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
05-03-2024 11:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b4a146f704b8287468bf633219dccf8a.html
Size

430B
MD5

b4a146f704b8287468bf633219dccf8a
SHA1

33bdeb85f4d7c6fcf33fddc5467df941bb557fbc
SHA256

798070d0a5a38d654e60b72fa75904d03f98e66aeefad6be31c7550e4103fb36
SHA512

41909d887d52e3d8afb5192868513af720460094eed6d24a080f730ae54262a414fa075703f79851507ae26ae32d6017f381915cb7d8000916675af48340b821

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2836	msedge.exe
2836	msedge.exe
216	msedge.exe
216	msedge.exe
3120	identity_helper.exe
3120	identity_helper.exe
3360	msedge.exe
3360	msedge.exe
3360	msedge.exe
3360	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 15 IoCs

pid	Process
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 216 wrote to memory of 1696	216	msedge.exe	89
PID 216 wrote to memory of 1696	216	msedge.exe	89
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2068	216	msedge.exe	90
PID 216 wrote to memory of 2836	216	msedge.exe	91
PID 216 wrote to memory of 2836	216	msedge.exe	91
PID 216 wrote to memory of 1976	216	msedge.exe	92
PID 216 wrote to memory of 1976	216	msedge.exe	92
PID 216 wrote to memory of 1976	216	msedge.exe	92
PID 216 wrote to memory of 1976	216	msedge.exe	92
PID 216 wrote to memory of 1976	216	msedge.exe	92
PID 216 wrote to memory of 1976	216	msedge.exe	92
PID 216 wrote to memory of 1976	216	msedge.exe	92
PID 216 wrote to memory of 1976	216	msedge.exe	92
PID 216 wrote to memory of 1976	216	msedge.exe	92
PID 216 wrote to memory of 1976	216	msedge.exe	92
PID 216 wrote to memory of 1976	216	msedge.exe	92
PID 216 wrote to memory of 1976	216	msedge.exe	92
PID 216 wrote to memory of 1976	216	msedge.exe	92
PID 216 wrote to memory of 1976	216	msedge.exe	92
PID 216 wrote to memory of 1976	216	msedge.exe	92
PID 216 wrote to memory of 1976	216	msedge.exe	92
PID 216 wrote to memory of 1976	216	msedge.exe	92
PID 216 wrote to memory of 1976	216	msedge.exe	92
PID 216 wrote to memory of 1976	216	msedge.exe	92
PID 216 wrote to memory of 1976	216	msedge.exe	92

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\b4a146f704b8287468bf633219dccf8a.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd753846f8,0x7ffd75384708,0x7ffd75384718
  2⤵
  PID:1696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2008,6946454611243935616,8442826392887085943,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2044 /prefetch:2
  2⤵
  PID:2068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2008,6946454611243935616,8442826392887085943,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2468 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2008,6946454611243935616,8442826392887085943,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2880 /prefetch:8
  2⤵
  PID:1976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,6946454611243935616,8442826392887085943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3184 /prefetch:1
  2⤵
  PID:3020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,6946454611243935616,8442826392887085943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
  2⤵
  PID:1788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,6946454611243935616,8442826392887085943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4200 /prefetch:1
  2⤵
  PID:2844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,6946454611243935616,8442826392887085943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4004 /prefetch:1
  2⤵
  PID:2592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,6946454611243935616,8442826392887085943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3508 /prefetch:1
  2⤵
  PID:4116
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2008,6946454611243935616,8442826392887085943,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5476 /prefetch:8
  2⤵
  PID:2056
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2008,6946454611243935616,8442826392887085943,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5476 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,6946454611243935616,8442826392887085943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
  2⤵
  PID:2604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,6946454611243935616,8442826392887085943,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
  2⤵
  PID:2152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,6946454611243935616,8442826392887085943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:1
  2⤵
  PID:3692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,6946454611243935616,8442826392887085943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5284 /prefetch:1
  2⤵
  PID:1520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,6946454611243935616,8442826392887085943,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1
  2⤵
  PID:4584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,6946454611243935616,8442826392887085943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5712 /prefetch:1
  2⤵
  PID:5300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,6946454611243935616,8442826392887085943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5700 /prefetch:1
  2⤵
  PID:5432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,6946454611243935616,8442826392887085943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6244 /prefetch:1
  2⤵
  PID:5508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,6946454611243935616,8442826392887085943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
  2⤵
  PID:5752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,6946454611243935616,8442826392887085943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5248 /prefetch:1
  2⤵
  PID:6068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2008,6946454611243935616,8442826392887085943,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3576 /prefetch:8
  2⤵
  PID:5496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2008,6946454611243935616,8442826392887085943,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5184 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3360

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2176

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3480

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f35bb0615bb9816f562b83304e456294

SHA1
1049e2bd3e1bbb4cea572467d7c4a96648659cb4

SHA256
05e80abd624454e5b860a08f40ddf33d672c3fed319aac180b7de5754bc07b71

SHA512
db9100f3e324e74a9c58c7d9f50c25eaa4c6c4553c93bab9b80c6f7bef777db04111ebcd679f94015203b240fe9f4f371cae0d4290ec891a4173c746ff4b11c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1eb86108cb8f5a956fdf48efbd5d06fe

SHA1
7b2b299f753798e4891df2d9cbf30f94b39ef924

SHA256
1b53367e0041d54af89e7dd59733231f5da1393c551ed2b943c89166c0baca40

SHA512
e2a661437688a4a01a6eb3b2bd7979ecf96b806f5a487d39354a7f0d44cb693a3b1c2cf6b1247b04e4106cc816105e982569572042bdddb3cd5bec23b4fce29d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
9ec9d19512fc8110036d7bff6f543531

SHA1
99a345c861d6ca58f493ca4fc8db10b37340034a

SHA256
60e9620637a21685dc90d6c03aade61e29f3c033254a77729eefc4469336ffa4

SHA512
bab287eb3b376fa335d5528326fc5fe841530751041b56a7377bec9e6f4827bc6fb001c6a3370adb0ce7a59e02b96a45a957861a90a130cbd078533e2f64ee72

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_best.aliexpress.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
3a76d56773dc39021b5d5ef9bb66cbea

SHA1
c048d2dc82c02ebe43e14a4980b62e32c73b1059

SHA256
86f4d872ad4bd4bca26c8c46245cee03136c09be0c93cc68d2deda3084daf764

SHA512
dbec19ab6105d7933178303284f63470c03436b5c5efca1cc25b57877efb77032f0b752010040e6406a3ac3625a9db617053e625bc2447850940b3fc27dd3e86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
a9c1e78bea0a3f17c469f4119b965467

SHA1
601826c83e956022340bbc9306d9165649a9bd3a

SHA256
2add51a0a9e74530c122322cd830be16824fd2c851645e4afee70620ae947651

SHA512
80cc078c0216fa8aa35b2bd0368be15bf66624d477f593c01147fab39ad2dbb8a0c65ea231c9b9f77143578c1d15dc847ea4554a8d1487fd01c3cc1deedce884

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
1dfedce8646d9b3257b4664f7c462ea4

SHA1
f96536849658d89d4fafe4342bc8423b9093b703

SHA256
f4a422d0e36abb94fbc633481eab0d0b437fefecb92a75ec26da564dd72374e6

SHA512
7b4240296666d1cbe4d67dc2b9ed82dffa2573c3393d103b70103e4775baee7db3e48aa3b97d3dd139229a3b140d1f125a2ccfb29e695694f4c97b94bac4dbbf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
fc481fb540e5aceac3485edfaa715dfb

SHA1
42bb6e71617f7830be02dd61f57cb5b836b146cb

SHA256
002e4b4432e630c2ba84fcef4386086b49abd8bcbaa4374ad7e2aaaf282f01f5

SHA512
f86d4fe8ddf80f2887b3d18b0925fc4342bee6652ab180aa26b2fb48abfc7e13b0f873aa05fa2a49b7924d26d8570951a2e8e5d03f70a2e0173eaee5664b6ec8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
3f00d3b4786265a704fb3bef2d70389c

SHA1
57aaa902df0ba2c7873e32083afad744139803ce

SHA256
0f8cd0ec4b7c36dc754287f409479a7cb0ee9cf69af79fe149b92306b1ff5636

SHA512
cb9c1e358faf6d235850f763f43f640d1f65932cb39a38b4669abde529a96fc46e00725ff4746c1a783240fc20bb39fc39bc2e871a510edf0a8a67c06ff1d180

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
264B

MD5
6dccbe232c30c3e0946740e62e572636

SHA1
38bc7a57b7cd8e507dd1a093562e8b7140a4bb50

SHA256
f3b98cc560859fafe8c6bc279f28930af237f2d6a5623766d183c59fc74d69ae

SHA512
3706ae685f755b7db7319c05f27b73c667d16e1d8de6fd26b11ab45517e81c366a42647bc143815c7d5a4a1d5414a5c6e83385c62fccb7ce258baa32ee62f42f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57d784.TMP

Filesize
48B

MD5
a790d435c4e6e3e92445b9cb6b4b051e

SHA1
97b41727eb2497ab88241c611d9d2864684e6fb8

SHA256
ddfa4fafbb33466a16b3bae33b590f78af1d14a3cd9a076a1c9b85a354444992

SHA512
004a43bc73b299f348c5c3a347132251c3e5363583ee5b933d59298f10736e7550f36a858734bb7b289fc866d31aff3cc0f2ed1b76b2b568e0c404d07e293f7f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
ff37705d61e3f63ef892be3378985279

SHA1
0cd5ecf762ea6c1a0029a5a9fa172e0348c1970c

SHA256
98231aa5df8b55bad4a71cae0241bbb6cc7c1fde6d60e1026f81b1bc03bb13d9

SHA512
b5a5029c19613d02c876fa6bcd1dac63b616adce685a4ec9ee4699c3596e3eacb30b97282f40da6425d87d3ddcae4adbe21a6fda04e041a4cec0874df697f622

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
21beff8664463b1f6fd49eb512c22b0c

SHA1
c758ed9053118a004254a639c31edcbdd109e3c2

SHA256
36b0c16a502b6a527d6845701c9a00d7728de83f33a4b52c07153eff6f12d448

SHA512
b43bd93de4e9ca7f000cbb63dd472028929d6698cb7d0590ed91970e0f099d15f89896d72ec71eb454070fb7569abfe466c50f9343fc53d48bfd3ecf02b2c06c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
4d6a6355e22b6f1ebe80a41069520212

SHA1
2105fac3d047d94bd4a3ab924ef5db32227ad236

SHA256
3d7eff61f8fce4f893029bfec9bd5cc3d4aa1fec718e046d2e39a2b4f5d9106c

SHA512
5564d5a3f44cea4734517701fc5ffe57de7c64c2f09d1073b2b07efb19ef760bbe07bb0581a674b4c98d9d17c786ab5245093fcdbe35f5ae7de80053424e3ed3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5790d6.TMP

Filesize
707B

MD5
da05b132204c6dc266b3fa97e67b2870

SHA1
d531eaf88cc71eb37a8f76edcb1ddc5f45721b56

SHA256
5498cf5c5638ccf4463c0570655a816e15e67e14cae1fc4c03bd06a6f4ca9316

SHA512
8be1b2b9634f14ab31a5f1740d4d7d0e5a7cea2a64bf5d74bbf3ece2dcdd6b3a17150fa88a1e411ea1dfd9f16c4ad5b44ce00217ee4ef57d0046654f05123d0c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
6435f5e56003b52f7ee197ea71110a4d

SHA1
50256dffcf89594d307553de7b6b64dc6e6b2fe0

SHA256
6db0a62f70bca5af0954b490f18af8245c10096174cd5190c5df04ade6776805

SHA512
a34472c0466b8ed185340199db83d2c1fd278d885fda7e7e198b4efb2f2a9a049e66c618b200ca88df2c53c8ec7f07268a264d24e184e87a1b2b93933a94920f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
8fe5b0b2499913c0e9824a815c6ef8a3

SHA1
eac4b116c54b08ed97257fd80332a292a5883be3

SHA256
864323e96fffda77d98d6ff848ec0a68e0fd7deeb8d3afd356bf5b89d9f03538

SHA512
3759408a9ad75036ac57ea3273a8bbd2f29f8c8d7488459229a6651c6d4305a53dcee261686a504730b4904fdccda689062684bc1fae531bd8e0f7ff7f844076

Download Submit