49d9f0e43e57e9a5b9d7da7a62470b9b82c1fd92bfd91acb8955c0c950a09646

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
08/03/2024, 00:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sample.html
Size

72KB
MD5

e83f58aa2c44073f15837a44c5668333
SHA1

db3490986df7f1fedb4075622415021254821bc0
SHA256

fa90d48489000756366e53439471a2cbcd250745e13ffde45bca647a2ed34773
SHA512

c7495989ffbb535204f61569e0062be21b5085127dfe32adbc28b98bfbe97557ec7f2b40f28f7b8f57b3f9ff36459d5ef20dc56deeba40fae0db4bc9357c7147
SSDEEP

1536:WMJv+rvX+YYdGHM+BhRE90WWK15UYc+ZwwtrwVZx646Q8nXy7T1Gt:WBsGyeWii8wM8nXy7T1Gt

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1704	msedge.exe
1704	msedge.exe
5024	msedge.exe
5024	msedge.exe
1376	identity_helper.exe
1376	identity_helper.exe
5288	msedge.exe
5288	msedge.exe
5288	msedge.exe
5288	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs

pid	Process
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe
5024	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5024 wrote to memory of 644	5024	msedge.exe	89
PID 5024 wrote to memory of 644	5024	msedge.exe	89
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 4500	5024	msedge.exe	90
PID 5024 wrote to memory of 1704	5024	msedge.exe	91
PID 5024 wrote to memory of 1704	5024	msedge.exe	91
PID 5024 wrote to memory of 4600	5024	msedge.exe	92
PID 5024 wrote to memory of 4600	5024	msedge.exe	92
PID 5024 wrote to memory of 4600	5024	msedge.exe	92
PID 5024 wrote to memory of 4600	5024	msedge.exe	92
PID 5024 wrote to memory of 4600	5024	msedge.exe	92
PID 5024 wrote to memory of 4600	5024	msedge.exe	92
PID 5024 wrote to memory of 4600	5024	msedge.exe	92
PID 5024 wrote to memory of 4600	5024	msedge.exe	92
PID 5024 wrote to memory of 4600	5024	msedge.exe	92
PID 5024 wrote to memory of 4600	5024	msedge.exe	92
PID 5024 wrote to memory of 4600	5024	msedge.exe	92
PID 5024 wrote to memory of 4600	5024	msedge.exe	92
PID 5024 wrote to memory of 4600	5024	msedge.exe	92
PID 5024 wrote to memory of 4600	5024	msedge.exe	92
PID 5024 wrote to memory of 4600	5024	msedge.exe	92
PID 5024 wrote to memory of 4600	5024	msedge.exe	92
PID 5024 wrote to memory of 4600	5024	msedge.exe	92
PID 5024 wrote to memory of 4600	5024	msedge.exe	92
PID 5024 wrote to memory of 4600	5024	msedge.exe	92
PID 5024 wrote to memory of 4600	5024	msedge.exe	92

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb216f46f8,0x7ffb216f4708,0x7ffb216f4718
  2⤵
  PID:644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2024,12201166881985888094,7251663549942480939,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
  2⤵
  PID:4500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2024,12201166881985888094,7251663549942480939,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2436 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2024,12201166881985888094,7251663549942480939,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2964 /prefetch:8
  2⤵
  PID:4600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,12201166881985888094,7251663549942480939,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:2564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,12201166881985888094,7251663549942480939,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:5088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,12201166881985888094,7251663549942480939,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6132 /prefetch:1
  2⤵
  PID:4460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,12201166881985888094,7251663549942480939,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5984 /prefetch:1
  2⤵
  PID:3588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,12201166881985888094,7251663549942480939,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1
  2⤵
  PID:2512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,12201166881985888094,7251663549942480939,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5748 /prefetch:1
  2⤵
  PID:5124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,12201166881985888094,7251663549942480939,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6048 /prefetch:1
  2⤵
  PID:5536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,12201166881985888094,7251663549942480939,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1
  2⤵
  PID:5728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,12201166881985888094,7251663549942480939,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1
  2⤵
  PID:5744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2024,12201166881985888094,7251663549942480939,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6356 /prefetch:8
  2⤵
  PID:5992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,12201166881985888094,7251663549942480939,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1864 /prefetch:1
  2⤵
  PID:1336
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2024,12201166881985888094,7251663549942480939,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7404 /prefetch:8
  2⤵
  PID:3520
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2024,12201166881985888094,7251663549942480939,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7404 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,12201166881985888094,7251663549942480939,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7020 /prefetch:1
  2⤵
  PID:5888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,12201166881985888094,7251663549942480939,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7068 /prefetch:1
  2⤵
  PID:4592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,12201166881985888094,7251663549942480939,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4188 /prefetch:1
  2⤵
  PID:6120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,12201166881985888094,7251663549942480939,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2212 /prefetch:1
  2⤵
  PID:3936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2024,12201166881985888094,7251663549942480939,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7260 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5288

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4000

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1488

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4e4 0x52c
1⤵
PID:6036

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
47b2c6613360b818825d076d14c051f7

SHA1
7df7304568313a06540f490bf3305cb89bc03e5c

SHA256
47a22bea2e7d0154c59bf5d8790ec68274eb05e9fa6cf0eab0d648121f1a02ac

SHA512
08d2366fc1ce87dbe96b9bf997e4c59c9206fcfea47c1f17b01e79aeb0580f25cac5c7349bb453a50775b2743053446653f4129f835f81f4a8547ca392557aac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e0811105475d528ab174dfdb69f935f3

SHA1
dd9689f0f70a07b4e6fb29607e42d2d5faf1f516

SHA256
c91388c87878a9e2c530c6096dbdd993b0a26fefe8ad797e0133547225032d6c

SHA512
8374a721ea3ff3a1ea70d8a074e5c193dbba27ba7e301f19cea89d648b2378c376e48310c33fe81078cd40b1863daec935e8ac22e8e3878dc3a5bb529d028852

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
919347c645db75401f4c1bd440702330

SHA1
c547af1017f4ba7fb0e936149c26d27dee3a6d5b

SHA256
02c09d3b1181c200fb032933b87a9254040dda7cf5f5664d1e184762759e859e

SHA512
d829c3a6ebe0b0c3e7cfaee9ec90dfccc934bf476a1d66f77aa951888b509691b181d424012b4c42df3a8d1dd5b2e2b2e9b470f0caf9e09d42ed79fc90476564

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
4709c86fab3f83b1ee1721dba05d7ae1

SHA1
9f6d9447bf90fd8884d2fbc4c3a3133c4bee293f

SHA256
b147003e3e3d220e1fca0b930730bb7cf157f533368b108abde8c9121c48e30c

SHA512
54f7a9059beafb0c621e5a00252e51faf6d58490367f5711deefea867045791b8d41776dd24fc445dcd8c53dfdf419d4b601113f0f2e6b40bd3fcd6e61e12788

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
f2d3cb64952c00b8014ece63877c9451

SHA1
310dcc46854f0272804ef0ca201c225dcc30d9c7

SHA256
296ffbba1e9df5e94844bacc21ecb54bbe3302cc0d35bccc40fc27d929af36d1

SHA512
56b721c986dccddfa900d1f7933bc4933c095f1032580bfd3f42236c53bf86fddb5c6f3091497dcd08211570741d36f57683d4263dffdcfafea5dbd44a2da7a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
44c7fccdaff5f7e6cb9ddf81f5e00466

SHA1
2228dc20db4fd8e0d2ce1f74d1691b48b32fc381

SHA256
36e2e89fb6aa68baf1dec8d35be6eaad313042618fc6c114f847dd3027bba970

SHA512
01aa2612d81c117234e5ad3989f23dd47f77b8b96bc763e2f553d2778d3ac21b180d50897cd73f9ffb3b94bf9f13acfe8236028aff750f85dcb658c848764565

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3eb54c1d640591d9123ba726faea71f5

SHA1
69c863d7657689fb96896cd18e9420ed278c5c8c

SHA256
400a55587f8a64e01b5500ed821b3f4118ba93d2f42c3975d3d60e48cbee3f68

SHA512
b69fad3c690a8e6654e44a06796fd76c16f1a42fbf212ff65d09b28dd87809a60f456163c6199db70d25e3471218a70009dc00479580bcae77438fd9ea417c3d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
8bcc8ce53b166c14475a65b3d1d0b646

SHA1
197476529dcaa6d3625b2da9a36b2414ca3a1fa7

SHA256
de3de2f75808904bfd7a0c3b587dba236c8e555322321ae752285ae96503b610

SHA512
128d56f1c54d95ac5abc6d549770948e63c60a17573ee2a221cfd48cfce79781c05db294c155c5366cf49155d93e777ca062ce12dfcfddc5e45b1779a931c870

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
63b63f4ea045f96a3bfc5ac176087fed

SHA1
adce04f21a61e2fd0de84a5684fad47d979f6083

SHA256
50bc013bf0f4061691492b0440eba9f468757ed05b8d1116f6ce152bd2f3ccb4

SHA512
467fd5a987a37e6473d7b061c82c4b085304498e4a9aae67f68818b06aeb755c2c8720c071cc2ad0057783bd0617e5fea9551e00fb005606d82512c83943be01

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57cd52.TMP

Filesize
370B

MD5
f217b6cdb51f53de84faf5916f2ae86f

SHA1
cbf489d532211dde1f9e9fb7d7db9d8c58b5cfb0

SHA256
a476a4e34abbb05abc055b9dba7d870285d2dac11b48696e368a4ed157c312b6

SHA512
af0d488c8f8cee6ff65352995c8827e780ea886862c7f3dc2e97ca0f3613e5230802be01e71551b069d21257bc9b4268d5b5e12582ddb34613464da7cd97f2f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\ae241c47-695a-4027-b9a8-8eb74d7f7956.tmp

Filesize
3KB

MD5
2d707785f46c7cd3cb67cb8b99701f86

SHA1
74e2f2f80446c6cae0e8caeb6f36e2a30ff4ae9d

SHA256
64ee000723b4e0664fa92ea2adf66ad9a8f6a394b79c26cf8f6cece1b2b9ae7b

SHA512
009a7e4c7b10c5f5ac0df88939a61bbee6babd7e28eea89d6baeb00f26ec026a056ac5af29ca395ca5b0286546e68d722217b387af5ffee51d84b913cc3fb010

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
bd1b29767b50599581d304a4fc6c78c4

SHA1
ad1b920f7a6c742f7e19fc4f24618f33c04c3f0a

SHA256
e39e25739068d0523e29ca979ee4c1e34f11e0a3cb1578075061bdd8f3750147

SHA512
9b123972b8f2829202236d63d7cbeb427707775d77ced3371e56bf84f6ef87def93b071ed6741970757e04d3bd0e4150f1779cf6a66d9897d2ab1482ceaedfa5

Download Submit