hxxp://maxmycapital[.]com

Analysis

max time kernel
156s
max time network
163s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
06/03/2024, 05:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://maxmycapital.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2892	msedge.exe
2892	msedge.exe
2364	msedge.exe
2364	msedge.exe
2268	identity_helper.exe
2268	identity_helper.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe
2892	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2892 wrote to memory of 2788	2892	msedge.exe	87
PID 2892 wrote to memory of 2788	2892	msedge.exe	87
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2284	2892	msedge.exe	88
PID 2892 wrote to memory of 2364	2892	msedge.exe	89
PID 2892 wrote to memory of 2364	2892	msedge.exe	89
PID 2892 wrote to memory of 2288	2892	msedge.exe	90
PID 2892 wrote to memory of 2288	2892	msedge.exe	90
PID 2892 wrote to memory of 2288	2892	msedge.exe	90
PID 2892 wrote to memory of 2288	2892	msedge.exe	90
PID 2892 wrote to memory of 2288	2892	msedge.exe	90
PID 2892 wrote to memory of 2288	2892	msedge.exe	90
PID 2892 wrote to memory of 2288	2892	msedge.exe	90
PID 2892 wrote to memory of 2288	2892	msedge.exe	90
PID 2892 wrote to memory of 2288	2892	msedge.exe	90
PID 2892 wrote to memory of 2288	2892	msedge.exe	90
PID 2892 wrote to memory of 2288	2892	msedge.exe	90
PID 2892 wrote to memory of 2288	2892	msedge.exe	90
PID 2892 wrote to memory of 2288	2892	msedge.exe	90
PID 2892 wrote to memory of 2288	2892	msedge.exe	90
PID 2892 wrote to memory of 2288	2892	msedge.exe	90
PID 2892 wrote to memory of 2288	2892	msedge.exe	90
PID 2892 wrote to memory of 2288	2892	msedge.exe	90
PID 2892 wrote to memory of 2288	2892	msedge.exe	90
PID 2892 wrote to memory of 2288	2892	msedge.exe	90
PID 2892 wrote to memory of 2288	2892	msedge.exe	90

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://maxmycapital.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff967fa46f8,0x7ff967fa4708,0x7ff967fa4718
  2⤵
  PID:2788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,8212380092262350806,9339691608884467165,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
  2⤵
  PID:2284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,8212380092262350806,9339691608884467165,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2392 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,8212380092262350806,9339691608884467165,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2880 /prefetch:8
  2⤵
  PID:2288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,8212380092262350806,9339691608884467165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:4536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,8212380092262350806,9339691608884467165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:3160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,8212380092262350806,9339691608884467165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3816 /prefetch:1
  2⤵
  PID:4816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2116,8212380092262350806,9339691608884467165,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5520 /prefetch:8
  2⤵
  PID:1452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,8212380092262350806,9339691608884467165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
  2⤵
  PID:2256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,8212380092262350806,9339691608884467165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5304 /prefetch:1
  2⤵
  PID:1036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,8212380092262350806,9339691608884467165,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5076 /prefetch:1
  2⤵
  PID:2932
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,8212380092262350806,9339691608884467165,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6432 /prefetch:8
  2⤵
  PID:1584
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,8212380092262350806,9339691608884467165,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6432 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,8212380092262350806,9339691608884467165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
  2⤵
  PID:2784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,8212380092262350806,9339691608884467165,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5944 /prefetch:1
  2⤵
  PID:3076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,8212380092262350806,9339691608884467165,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5760 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2432

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2360

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4272

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3e4 0x404
1⤵
PID:1424

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fd7944a4ff1be37517983ffaf5700b11

SHA1
c4287796d78e00969af85b7e16a2d04230961240

SHA256
b54b41e7ce5600bc653aa7c88abb666976872b2d5e2d657bfc1147a0b49e9d74

SHA512
28c58a2ccf39963a8d9f67ea5b93dbccf70b0109b2c8a396a58389cdec9db1205523a95730485bcbc9d533867cbf0e7167ad370fd45740e23656d01d96ee543b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a774512b00820b61a51258335097b2c9

SHA1
38c28d1ea3907a1af6c0443255ab610dd9285095

SHA256
01946a2d65e59b66ebc256470ff4861f32edee90a44e31bf67529add95cafef4

SHA512
ce109be65060a5e7a872707c6c2ccce3aacd577e59c59d6e23e78d03e3d502f2707713fda40a546ed332e41a56ef90297af99590a5ab02f686a58bcbf3a82da1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
24KB

MD5
070a0e8d5030a64ae84707608c194684

SHA1
5c58cfa60e84a7acce7683252b6b0e055855d128

SHA256
91cec5c06367f7efd5b093910b411312898875390278fb1289302501c5e47990

SHA512
01b6ed936d774ca2a9dc03defefa77db4cdac804aa125c750bc70fbb10f278f66ec1a1c00f9859c84a0644e49966625047e378e34f4ec8e547cf6cc7e93c081b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003e

Filesize
16KB

MD5
fc02a3c78cac0f6ab99c6c19f004d02d

SHA1
7bcc73042c63c86637084549daad26aed3621d64

SHA256
0ddce0e617794fd30b60e5c829fe12b9d7eeba14e561e7d89da5fcaf2fe900c3

SHA512
201b9561731cbce83b5cb9e614a821b00e35edcc3f9af97b76090c64d7aab1773cfddbaed0c1c2b4ae81a0a1efbd1d32e2f1f81f11839e96ce63f8225b35ef5d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
638b12430453e0e914e57d08b708c261

SHA1
7f8a5ced4fc328aae8c6b6ceca0ccf6d6ce8b5f0

SHA256
d21d665955dd49427171d40187d853a885bfcd73e79b6dbe191cee233c96a719

SHA512
4dacf68d6e0292588337f1cce01cdfc00c2b021f76b94d95dd3a21b3c7bab5fdbf5ff98de3a03d794a3ba51ce3b5b89a3c0ae404f097111046df0b7a7ccab408

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
d40301ea35b1a814af18b4871df966b1

SHA1
be719ebbf827083a1d3375351c153eabe6f3693f

SHA256
456eec730faa176097cf7c82e3f37306789e951b60ba4b4b69eba3b9fe655c91

SHA512
b425e7ca2f23bb890ff788e6f86281ac2d1f4ee8ef132f6c2f5638b99ed87f38f4349c5ebcad0eed32555f43c52543dbd96145ac5baca5b4aea63320a7ea97dc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_engage.wixapps.net_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_engage.wixapps.net_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.maxmycapital.com_0.indexeddb.leveldb\LOG.old

Filesize
401B

MD5
10fd6c4fab641ff7574b349c64b2d83d

SHA1
d424e2fee891fdab9f2ce2be5a73686a470ef329

SHA256
db85c24e09b6c84addd34a3363b96b7a7f214a15ed81b760d95ed420ccbdd6e1

SHA512
fb05caa490911329d7683ebe938ddec958bd5945fd218aa883faab8f24246e694661408f91a21817985ca867b8cc6029d8f1d1393ccc4a55c443752ee571eba7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.maxmycapital.com_0.indexeddb.leveldb\LOG.old~RFe5908c0.TMP

Filesize
363B

MD5
e089faa1c35965977352bf1c95b3468b

SHA1
c5309f8eda4cb2bfc25e2c80084b31820cbea560

SHA256
a236fd2e0a211381955f13f20fa9604234d9cf0b8086d864c1054d02e6e0d1a7

SHA512
15b30a360a2b02f5ee5bd4544b10d380ddd3f3dc1f00e1dafbad6146aa7b0b2ffd333a7d4bc0c89baf8caa8bb32f4d4ed10134e03605c63a0ede6e693cd5cb7f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
36526f90963b48f422a6ef7085c57605

SHA1
eabe0489fe0603c89c21bf1ea9f6c0aec9b229c3

SHA256
2c63b9ca418e6d2d54534214fc99a61ca6a24db438e88dffdd96f1dbc7baa66f

SHA512
bf49dd7b43ae966e499371b8de6e43b0307e843c774f605b75ac8c498a2e1d6f60d7793fdf2c3829445f6c222b881637dde7dc8be5ccb100c3a61bc334f06269

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ae6f16cd69a4026fbcfdd316b34bd5f6

SHA1
a92c569019198c04eb0f698263140bf63d8fbd88

SHA256
af920861fb6e8485c8b846ff3e04dc68b426a4df4d3cce383ce0ac01c8f22b68

SHA512
c1b59d6382d441226e14898dbba25dd8ccafbac5616a1f0c4b37f88d0d411b4390ce0e2102c6e4e34641f16b9abc56a12076d66a3e5cf7b94068d1451fc40d8b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2117b5b598bc1a94bb16ade73d78c8c0

SHA1
f79269819dd705064ae56d39fa2bbf355d534492

SHA256
899cc5047029fa8f03889b113562a9b3bdff2b3352470508443a5379df43b515

SHA512
ab06643bb5cbd70d3cf6e02244b1ecd4951a336b6fe0db44f3f6e503ec7ad64cf9a3b3493f4333b86630843bbe0867d780537571a1fca8524d0a2c63976f40d3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
371B

MD5
d53327f808306f8c2a52dc1bb780ae7b

SHA1
74fab2de6f2008c67ba3a0259cac705de59f40c9

SHA256
4a3a49f574218f9269bb3486eb1a0234a9ae7024355da6310b8f9a426d9d8bc0

SHA512
9682f78bcfaf70c7f08f6a44c193c31476ab332ff88e94e7f6266d446a3134e98288c4d5c1cc22d21f01a82d95010e65f946a5af912842a01d8c6f433825243f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
371B

MD5
dfe6cb1cd9ff3f6a2331071d4538c1e6

SHA1
c1d7cc109a7251df3b841557b9c864fc4bb49b29

SHA256
6f1d7f5140a19f57b9cc976b77afd4d72fbf8f9b1abe9ac94ed4ab13f38e79b4

SHA512
3d3047077c6d6da59f10b3ab2c7407832e8fe14243f454a9aeab2c9bb2bd97618118a59f398ff6f507c513173268779ebcf98698e855c5943de17c8af6ff3dd9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
371B

MD5
92c7fb8f52a497c591ce3b699371fa1a

SHA1
48716052d2f459aad60e9440f7bb449e56019d54

SHA256
42fb0f464a91f97327398636d508d732b56d96da91a56041f3454528df9b2097

SHA512
07098cf003ec3950e2ff7347ac6221f216269fa400f59d0d5fbfbef8aea629f283fd7512965a067dcc8efe60019eccfccf46049d5fd0610a1ade6a0ac55d55be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57fe26.TMP

Filesize
204B

MD5
508971e6ef7a713083a0b065d4f103cc

SHA1
fad6588b94294caceca85c9264910b4a4f521349

SHA256
a1cfd75e03ab4a0d71c9f15f3bb88d71a514dd9d383f5b8d8b03f46407e09b8c

SHA512
187b2c70d91d6e8f51779598c0089d3a6c7a92b9a444ae01d72df7bd5f4a1bad28e16a4f7de3e196eb9280635adf1cc1e43ea8df32532605ce45b5548a69d7d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\da87161f-3c82-44cb-93b2-5fd7440105bc.tmp

Filesize
6KB

MD5
4da39a40216ef29057e4d3d7a76b28c9

SHA1
7bd7e22635a9555249b3a97fba3251155dd6e01a

SHA256
0dbcc609d88955628a01f03b60f7eb1f125c8d95485e203606db5fa0d7610807

SHA512
2e3e9c168ca11064b4c1bba04c4b4b53fa896d70468ed4dca42e2242571271e613b80a603579db9982aaf697bf86870b344bcca0f96f2c8cef4b9970f5425725

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
7bb8e17adf777242aa2ee80bc89e08fc

SHA1
0857bb9b2be8423c33eb9186cbc1eb5edef28e5f

SHA256
b974188701bfe6dc8af30b966dd1aef7a9a250a78a8708cae90d64935d0af705

SHA512
500dd71d201561d4c63f8ae4b0635c0485247e3c8c19b8b531942b1b67723a212fedd9b4c8ae6ea961bf24c4317d39ee7228ef99c57e88a7e39a46960aa8f337

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
5f3d5656ab4836d8dd71661e2a5642ab

SHA1
9413a400497bd3ad325a3939b44096e081a1ee85

SHA256
f01080e4cf6c4d1712a97ba09f732a88447db048d3378476f6a4e1d7432e7c61

SHA512
be4b78a9448711f34d008849d9aedeb1785f824f4cce6b58c3261556b7af04598d3ee5f2b21b62ab68d615563beb44fce603c3a878ed1e562581464e2c646a00

Download Submit