hxxps://github[.]com/topics/discord-raid-tool

Analysis

max time kernel
271s
max time network
272s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
08/03/2024, 17:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/topics/discord-raid-tool

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Legitimate hosting services abused for malware hosting/C2 1 TTPs 1 IoCs

Web Service

T1102

flow	ioc
101	camo.githubusercontent.com

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3270530367-132075249-2153716227-1000_Classes\Local Settings	msedge.exe

Suspicious behavior: EnumeratesProcesses 18 IoCs

pid	Process
3604	msedge.exe
3604	msedge.exe
4476	msedge.exe
4476	msedge.exe
2024	identity_helper.exe
2024	identity_helper.exe
5516	msedge.exe
5516	msedge.exe
5280	msedge.exe
5280	msedge.exe
708	msedge.exe
708	msedge.exe
4968	identity_helper.exe
4968	identity_helper.exe
3984	msedge.exe
3984	msedge.exe
3984	msedge.exe
3984	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 15 IoCs

pid	Process
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe

Suspicious use of SendNotifyMessage 56 IoCs

pid	Process
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe
708	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4476 wrote to memory of 2576	4476	msedge.exe	89
PID 4476 wrote to memory of 2576	4476	msedge.exe	89
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3708	4476	msedge.exe	90
PID 4476 wrote to memory of 3604	4476	msedge.exe	91
PID 4476 wrote to memory of 3604	4476	msedge.exe	91
PID 4476 wrote to memory of 4868	4476	msedge.exe	92
PID 4476 wrote to memory of 4868	4476	msedge.exe	92
PID 4476 wrote to memory of 4868	4476	msedge.exe	92
PID 4476 wrote to memory of 4868	4476	msedge.exe	92
PID 4476 wrote to memory of 4868	4476	msedge.exe	92
PID 4476 wrote to memory of 4868	4476	msedge.exe	92
PID 4476 wrote to memory of 4868	4476	msedge.exe	92
PID 4476 wrote to memory of 4868	4476	msedge.exe	92
PID 4476 wrote to memory of 4868	4476	msedge.exe	92
PID 4476 wrote to memory of 4868	4476	msedge.exe	92
PID 4476 wrote to memory of 4868	4476	msedge.exe	92
PID 4476 wrote to memory of 4868	4476	msedge.exe	92
PID 4476 wrote to memory of 4868	4476	msedge.exe	92
PID 4476 wrote to memory of 4868	4476	msedge.exe	92
PID 4476 wrote to memory of 4868	4476	msedge.exe	92
PID 4476 wrote to memory of 4868	4476	msedge.exe	92
PID 4476 wrote to memory of 4868	4476	msedge.exe	92
PID 4476 wrote to memory of 4868	4476	msedge.exe	92
PID 4476 wrote to memory of 4868	4476	msedge.exe	92
PID 4476 wrote to memory of 4868	4476	msedge.exe	92

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/topics/discord-raid-tool
1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe778c46f8,0x7ffe778c4708,0x7ffe778c4718
  2⤵
  PID:2576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,6472725635008293421,16123768125259302428,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2136 /prefetch:2
  2⤵
  PID:3708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,6472725635008293421,16123768125259302428,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2092,6472725635008293421,16123768125259302428,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2972 /prefetch:8
  2⤵
  PID:4868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,6472725635008293421,16123768125259302428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
  2⤵
  PID:1276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,6472725635008293421,16123768125259302428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1
  2⤵
  PID:4012
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,6472725635008293421,16123768125259302428,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5200 /prefetch:8
  2⤵
  PID:4332
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,6472725635008293421,16123768125259302428,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5200 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,6472725635008293421,16123768125259302428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5476 /prefetch:1
  2⤵
  PID:2908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,6472725635008293421,16123768125259302428,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3976 /prefetch:1
  2⤵
  PID:4372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,6472725635008293421,16123768125259302428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
  2⤵
  PID:5136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,6472725635008293421,16123768125259302428,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3496 /prefetch:1
  2⤵
  PID:5144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2092,6472725635008293421,16123768125259302428,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4852 /prefetch:8
  2⤵
  PID:5496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,6472725635008293421,16123768125259302428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4144 /prefetch:1
  2⤵
  PID:5504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2092,6472725635008293421,16123768125259302428,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5684 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2092,6472725635008293421,16123768125259302428,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=2184 /prefetch:8
  2⤵
  PID:5956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,6472725635008293421,16123768125259302428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2772 /prefetch:1
  2⤵
  PID:5492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2092,6472725635008293421,16123768125259302428,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2108 /prefetch:8
  2⤵
  PID:3576

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3676

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2892

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:5820

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of SendNotifyMessage
PID:708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffe778c46f8,0x7ffe778c4708,0x7ffe778c4718
  2⤵
  PID:3704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2196,3131796770377981566,8749363224905544160,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2244 /prefetch:2
  2⤵
  PID:5268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2196,3131796770377981566,8749363224905544160,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2196,3131796770377981566,8749363224905544160,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2736 /prefetch:8
  2⤵
  PID:5292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,3131796770377981566,8749363224905544160,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
  2⤵
  PID:4920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,3131796770377981566,8749363224905544160,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
  2⤵
  PID:1056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,3131796770377981566,8749363224905544160,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4500 /prefetch:1
  2⤵
  PID:5596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,3131796770377981566,8749363224905544160,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1
  2⤵
  PID:5580
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2196,3131796770377981566,8749363224905544160,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3660 /prefetch:8
  2⤵
  PID:3848
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2196,3131796770377981566,8749363224905544160,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3660 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,3131796770377981566,8749363224905544160,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
  2⤵
  PID:3880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,3131796770377981566,8749363224905544160,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5500 /prefetch:1
  2⤵
  PID:4592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,3131796770377981566,8749363224905544160,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4460 /prefetch:1
  2⤵
  PID:644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2196,3131796770377981566,8749363224905544160,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1156 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3984

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4472

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:948

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
cbec32729772aa6c576e97df4fef48f5

SHA1
6ec173d5313f27ba1e46ad66c7bbe7c0a9767dba

SHA256
d34331aa91a21e127bbe68f55c4c1898c429d9d43545c3253d317ffb105aa24e

SHA512
425b3638fed70da3bc16bba8b9878de528aca98669203f39473b931f487a614d3f66073b8c3d9bc2211e152b4bbdeceb2777001467954eec491f862912f3c7a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
279e783b0129b64a8529800a88fbf1ee

SHA1
204c62ec8cef8467e5729cad52adae293178744f

SHA256
3619c3b82a8cbdce37bfd88b66d4fdfcd728a1112b05eb26998bea527d187932

SHA512
32730d9124dd28c196bd4abcfd6a283a04553f3f6b050c057264bc883783d30d6602781137762e66e1f90847724d0e994bddf6e729de11a809f263f139023d3b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4827f90d60f34fdef44ea71dbf1cc201

SHA1
8f65f208b5573ea89fdceb50e0ecf4d7da9c0731

SHA256
a4e6d2a8057ac6d53e619c4ae25a6a3b40e8d72425b2860909115ffe03fbd4bc

SHA512
d9df2864852ab0abfa3af1cce3c8df116f2f94c724842ea0dc5dbcb8ef24cd42d78690d676f8d36f259a3ab00a3e18d8c36983626b93d7788616aa6175be8df3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
34e3f8a801e516ffe03376f78a8f4185

SHA1
27c4fbc447793098152e84f8dfa5a502e1971558

SHA256
699f84eb9111da3d1f36a677b68ba1f8fbaae03771efdc638e0b535e38dbd979

SHA512
189d30a8718d675f1a895a74755a1c1b2b052948e3794bc6da48e1e6d5cdf3e1d3cf8a3fe5a09c960a91ffe25d35621b180db00c06426c0c578300bcfe409e11

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0

Filesize
44KB

MD5
ac42516704a8df66f3760ad40911397d

SHA1
a00fe9fc4ccb071adee8903221a41167de52346e

SHA256
06a7641caaf779ec7e0fa501c1c9fe82fa8b687148c7dea0ef755313b5a9ad3f

SHA512
59a27e459e908854630f93e96413d73d964674afaa5ab6dced5eb4859ed6075a353ac44d9659a1e645c1d9c7e70d3d85d08834ef1b4cda757d59cfba56e0694e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1

Filesize
264KB

MD5
ea10feb16542b855cad9695ce6e03670

SHA1
2919eb5eed225ca9bc01268aa770c57bdab19017

SHA256
5e8727a660ecba6900f7aec549fc1c2c7634c58565c46af04ed0a83893179321

SHA512
29ded67ac7896b132cdefd5d661876898acf9149d8a1d08c0b61f72f8a56364b65ec0d52ab0c8e4f3da4b54d47f21c7f430bdd5f3e475632d7d38156d16c4a66

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2

Filesize
1.0MB

MD5
71a7e1c77119e6ff79024a70c40a0012

SHA1
d2c9457a00fa673449c5b1849259489e4321ca09

SHA256
b6b8e1f239fc82fa9c895e60f2a344b6067adff1ccb2a89bdb6109690e5d3b5b

SHA512
7ab9257ceedae8b20cb91f604ecdb27bcc818a95bc828a2a5190f4bcb46743143aba6ed2b7c727ce887fb68ccbf523f42fdfffaeb1f18fab37edecbcfa82474e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3

Filesize
4.0MB

MD5
b1a7b545e430b178c02260751fae9c9b

SHA1
462c9a7da09a8ca0a785f3c0887cc38bad003c8a

SHA256
28eff5a19b446b1bc91309d06092b045784a05f13414cdbd666119aa33883b9e

SHA512
1221d4f602b7fd19f362d01e5386bd6b2f7ac1943790b7004097d3f9117847754faa56d08c7383b25278b09eaccc7febdd280db1358edf1ea8401bcc0fd6216a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
44KB

MD5
d54871d4472a6fd4e0302d751e31cde0

SHA1
3c11f58b5eb557ab4513aea4f3e7ffdd8edfc28d

SHA256
946ab533721e56ce6cf80e14356997f4d067f929083c15ed6651a7acb083a08d

SHA512
f1382c0cb5663d5b5e87c1e8001ff521eeebe32ac2517c013345a64d466a19927b97a5d0e0e2d09579146363569fb43e67cfb4884d4d19fc5f60878eae3b1be6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
49KB

MD5
93ab4cf70b3aa1641a4b258c3fe03f24

SHA1
cba2ddecb8e019e6e5a91dcf867c6d6094f39b63

SHA256
d6c2f9f2bb35841cdb53abb660544e6e6f44e39d6542323992cc1c63e998fa16

SHA512
70fa907afd9b52ed54a3cf755e394c40a3ff7a83041540b435cba47d889c1c9401afc9fb23a5e879d85bed42fd5df40cd7540d428b3ee7a9cdc278a314770884

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
24KB

MD5
43dac252d21bddd2477439e023621c6c

SHA1
a7a81cd955811fd15dad91f443e0880d7aa08d79

SHA256
fedd9610bd4c2237de2d9eebba3143424967690767ba25ca7ab369f7aab3bb4a

SHA512
cc5aac6a7e47a0548ebc9a606eff04d175e1c76844160069bf4787349be6fe897cffd1444f9c00dddc214502ebd5a8ab97a1527d219679af894a28858de40fc3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
23KB

MD5
77a781823d1c1a1f70513ffeda9e996d

SHA1
60776ceeb79ed41e7cd49b1ee07b1e09ff846f25

SHA256
b093599957b103def2cc82ffd2d42d57a98292ace5a6596e3e4439a6cce063b2

SHA512
9aa66273ad419e1fc4ee825ec9e9fea4297139eca060572d3f59ed9bccbf2e1dbd03a006a0a35c6d37196e8297ec9a49fb787f0a31c3772b17911603eca62aac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

Filesize
27KB

MD5
9dcbb401bc6fc619e68de077aa7ac057

SHA1
7a866b6d643918de84d4bbafc00e3e8ec2987440

SHA256
110ed5f83a4a7f4fcd87e18a0a3f3601322bde781e062c4b9a156ddf877792f7

SHA512
4c1075382fb59e21fa3e1bfa9a986f9f4e3b8ae9dafe13e8ce89d4763d65e6dddef5c3bbc6430d58afcb2fa7c4dabd1ef8b0cbc38b3bcf6b672a286537e9d250

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

Filesize
197KB

MD5
f0a6279338a75c7514ae5f2a7bc52e3b

SHA1
d6dbffb82879f24405fafb60eb17e6f255c1b287

SHA256
5f61c45d56cd11e3e1c6878f337d0f35b7e94a4ee88d6d80f7799311416b055f

SHA512
f02bdd42f747cf284b74ed0ca7aed4c3ccc61a102ee062f610e997769681e5cee58052eb80f8d85e48e29ce0274bc95bf27417781a4c6b901f1854cff97594d0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

Filesize
272KB

MD5
fa5d0d2ad892048c52dc73dcd440d901

SHA1
2f1da30990eff33341cdeffcf3bdade8fcbdea46

SHA256
cadf41189c4e49cb8cb0a9bc08e9fc3b90cdc0b0a9316b6d8ac644ce9a63bba2

SHA512
dbd77aba40edd265680d218ed4c8d2c28dacfe203d9170b6cf2deb65508c4a67dc3f99cb22d5b628cad73cf3c0985a5d98518b14077d09205b096ced01359da7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
23dbb49969053e6e7913eedad2357d61

SHA1
b7da6b06ea42a5ffd2da7b9d0d186dfb1022eb92

SHA256
542fce09ad424eee01aace4eb121921b68d562f750a8e6f7e3f801d96daa6a10

SHA512
7af9ab2d3ed52c79666714f64d4a4ac90746a2fbcf3637efffc1e1bcf6d59d91741335f12b9bf86bb40dadc63e18d5b57027662da9bfbad0f5b19cbeeea2bd31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
b5287e5f07b6c34487002cf9d1d19b44

SHA1
e5ededf963220e1112b79814806fa7dfd31068a1

SHA256
c09af51c7dcefacc4ef3c4c9f77ab68dc1fcca43969889793636a85bfaf36b2b

SHA512
d936639b694f8ae057c4edb5fc46c187b983aad916c9f865a60b456d72a70088426d44d2bc923f3593e3178492e2fa81b5040eac082e001228a84f9fff48fcaf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
a4973fa21d93c45ffa5a4388816ae7ea

SHA1
9edd225804219ad53d6b7f0d685ed49ae56525b4

SHA256
941330971d189475b248b346f7ac7cae6f0f753bccaff1f15c6cde15fbacaaca

SHA512
190db9cfc4fc747d73157ae0f8fc040394559fd38917f44f61a664076e292a0b94d789736e79339b71e4d41dd601378a05a7f58698347588172d1fde606b7108

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies

Filesize
20KB

MD5
3f6ec73c0450b94713b2edce5b490bc7

SHA1
c14beca3d5399260aff2fa58ab64b036e92cc0c7

SHA256
3d25a3febd5bd73afbfa201374c219c27d5d00f98e95928c3b04a304592fbf3f

SHA512
dbbf1c1e8c6c399a76ca57c1a60d0356b1816fb389c56012bbe431fefc9d9241787957c8257e1274ad4254783088855713019c70c54c8178ce8a8c1a74370ba9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

Filesize
319B

MD5
4ae4da4086854d0d59e4f55fe9552b62

SHA1
8aaca25c6e69429fdcf194b4522e3338240c639b

SHA256
64f05a2d7e9ee6b4c77a9a3fc69bde75ee4d8897ba24665ec1c8927e9a6d33a9

SHA512
c1c20468970863091bb25410ed42b84e1c773e8d893f26f726edf5c2eb99dd44c32c0aa8bf2eae508fc0a85e6dbaa309efe0427cc836c40a5d2642360d112e3f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

Filesize
24KB

MD5
48e8e52016d343db64729ba0ea938bd3

SHA1
ef1357ee324d50b65f3148c478e083b04609a55f

SHA256
28e9bd58f9b9795044952b051c9d0a032e7746686d7da8cad6b06bc2d2e6490c

SHA512
912fa8d5e9eecbe9902b3f3cce53385f9640e409b3baefb1a66b5de59ed707136a3d1576a375c7e2e76c6c59b3f95d2c8bddb791a5659806111f71bcd378020c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f19c423cc8b1048272b1062efe6c08bc

SHA1
b4d9a4858399c8d034f8e939a986042b9138a92a

SHA256
9bb49a278843a17217788775e46db2b674ebc48cc3ca54d8ef73ecfea6195319

SHA512
eb08b9510f0cdc54af8024d393693da1a28ec98bc0425df480bb6198dc4aa92e0be82c56baeded7498f8c8a5d9425202067ceed6c0206a1fe8e207d4527e90a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

Filesize
124KB

MD5
7732909af79c95fb6bfa8224744fc227

SHA1
7844b63a1520d594b558b7d4e9237d718f974b8f

SHA256
e96814f67b324df4c6b1da6913d163281af6e9adeb2cc9a8af4025e6cccf579d

SHA512
ef8b4136259594abda893c49eed58ded84ab9a4af17db9bd63df668e2be326cf0aea717d45a102f18d94705defa287ecadd4a31ae063ab1fd65997ad54e46311

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache

Filesize
1KB

MD5
79e13cf2f831a8f279b9676962cff29e

SHA1
5915f440ec7aff5d28af8e39b693c61049f9fa76

SHA256
d6770dd0cd80b4e058a652022652f09ca6ee4cc08fc5198d9a22b29603718358

SHA512
acde1ce9497a01e4d0ebe63319de637b2d0e495fad817d66abe37cdbaa06017ac530405b8085d902684afe705cf6ed783883c0e2ce4c4e6c1cfdc0b05752b529

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

Filesize
35KB

MD5
d01dda0ccb0677ed5071403ef0b45bfb

SHA1
81e12b9507ca9e20899b66ec0c840c5751f572fd

SHA256
ff0310fc89242cebf444eabde10e2a42dca768a1068e5af7880f2b4d2cb7963b

SHA512
f364dac5f30c31989d8fd4af56d4de840af5f689a5619ff72da9cf1b37772a2286e9d33d2a71588297eec2e27dba0b7e7c687f6e105bfb5a3fd7f2fe3c238c33

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

Filesize
331B

MD5
72e1a659bf474ae8f86b4845163adc7d

SHA1
6d34bb7ac08038cfcedf4b14bf57d7af7da4c7e1

SHA256
bcaef74856101b69f2337706e6fdc20944d6f96c939982fa4e38bc05bc083229

SHA512
d40a1caba6911321cc80b6380c2dc5331d2a33bbd2d7208256e2545c208552175d957a21a2e38dea4a0798e4ac11c8a14405716e4d0d915856a117646660f704

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
911B

MD5
25a089c0846dc7798c4c4ac99373230a

SHA1
692b2bdb16aa35d78dc095d1ebf1512b05b70650

SHA256
8004ae2aeb9070daded344bdbc35cd0c676df5d89900c80c300771e1655a8877

SHA512
ca8e1ebd34de089d65b4692efce326458457008d6a71006ea70a450369112e2b437c9d9e68cb31d1f104baaec76aa3ab6b0bce7ce47bd6a9b4a5190421e2a14b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
670B

MD5
d7e1ecabeba88d839a3a247b70d89b11

SHA1
db743d01ab42b24e2557121800df1a7c927676e9

SHA256
c45d0db412805cf09a725eec3d8f7686a724edcf02cf41becb1cea9d6bc66ab2

SHA512
6be6a3f2f42d2d9f24828679185e64f454749b5cd5fa35b3be3d944fb732f5d630f80437ba5996bc96d71e0d33234f9c690446bc9af49674d9d4963a79a66baa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
9f1b7d77b5203217149cc600d3c376fb

SHA1
7becbe21aad5c94bd61e7992f857f1ecf527e4f1

SHA256
71033df5a85910b6b678f5a6c5d24e96db54d7a88f2167410f0497098f10301e

SHA512
e185c9ba86be1817e2cf58c7f1b76564621cbfe744a3705143b3661acf060c47ebd9234d64acbc1a54ccfbdc57f4c4b112fd4ad3d56792bf4831fb07ca8eebc4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e254b44fc1646d697d83acd3efc3d114

SHA1
16794943092216375810abbe2c0a37ddae431c4b

SHA256
65563e9c9f4725e7a6ef62d27611fab907576c1c09f0af5e1aa57ce7989c61c7

SHA512
d46bbaa9eb781b6c8fd863560b51eabadd7da118782c194cea3e1cd3c03dbda7cd5494b703a0d3fd5db37a20a4940dac09c8d025ba97854f6503d9d67ae65bb3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
235ea54935f0cf9bf622f5aa6affeeb3

SHA1
d0e622b24e4bdeecbf30079c612611e2107f88c5

SHA256
0f0c893c6907717879036635649bd86b3ca4b7ee96cf8e0fa8da3d39f9d747d2

SHA512
793fd831d83cb79b57c3ed9116736b0f58d3640e2d662d15f5d974523266181fab7cdb00a36dc1ff694246284c25ef6bd25f8ca1b77882d8a94d0c821c0ddfad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9152fd2aa6262e672495e247607c8c78

SHA1
8481ba927c4fb1db536c793bac61844361ea5240

SHA256
7db1dacf2ff7fb92d2fa64376a3df914b29cdab7f62267f15ce3ddc886165e36

SHA512
18f6a5f3980a1c0412db207c119cb630b54922f83298138ab9e934d3181f178be87ca35143b3749a330d08cd6385206095fb995c8620ed36af5634cda3bbc2dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
80e919f050d2774ca719b77877ac9cf8

SHA1
d6ffa9fd15b801eec0bcc42d9d59f9d72814b8d0

SHA256
5be32792b725c9554a203d03c1207cbd4d4c716e9275b1032036ce8f8e3ddb87

SHA512
4d029281a4cf42b2a485abd54b2c8e853fae6fce4af90f494b458e0737fa47954e75327091e30b5244acf7f502b2c3ecd5fce635ea2577c959ad251f2241ec74

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
d54a4f9477f63ca9f91852ee3cf0609e

SHA1
48c16424bceda8b52c1ab98ad998a886db5f8759

SHA256
2646210955875a4cad9e67de4fd4af1b4f9336673505eef3e57a343da00fa13c

SHA512
2b5cabf44dbd25e965f93ad4444d7d60d090d0d16f21a5f29a49df42028ee9d31bb514b0ed8a9628a4538a1b23e3a3677117ab5b5ecb21fcfb58dd994ca469a9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3e921524c05208f35a339c05b91f2f43

SHA1
468be1e7b07107a009d34fa17962cfa1b04fd30f

SHA256
049fcac5f9382813377b6c5f079fee328e229469b5e1c390cc053a9a09c9c742

SHA512
ff1e15075bee4111a676593b79b03f648afdb2cc1f1f17e5cb79e8ed3c6fdec90f95a34067edd672e8bf768cce6867e744901768f22777a63ac5d9e3fa40ed27

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
abd4f58a7c080a547f3c7a61af081b84

SHA1
ee3dd5686d07bafcf563b43c54dda574b5cc5055

SHA256
7d4f29b27f6c45923c634cd2a5dd0278bd64c0b5499a48aea35347f6ae6c002b

SHA512
fb2c77220385f6b124abefce5a779be76f957314604779b818e5e42271ea95d72780ec64e70cec3cb1de9559433638380dd70398255aad78b2b018d90d1c126f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
87883a08a99be6bbee3ec131fc451ecb

SHA1
93467134380fce37bbb9081fe9039e3b66e0f560

SHA256
8ebb70fe8365a9a97f64d75743f595067b06d3d0079e6dd22852592a1b59aea3

SHA512
d4dd88de0dad3787344d19517bd096368e74c163303e5153aa7f600b2513dffe7f4907bfef1f45fc39ea6ff51f6bc44864cd2bc57a89e776d38b6746540475ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
1c098c7efbcb7f3ed669199e58f570cb

SHA1
354c7bfa0d932c82f8751f66a72f40fddf58b005

SHA256
c3e5696fd5cad10c255989076e19a4c691001de55a0bf14115fdeca3648f1441

SHA512
1548f041040d0778508937652f1a87a82804a8387ae5f3696ce35808d911733de5c7b37195c4e02cd11eaa6e45bec4c314462c8cccbd23a31b9ee43dde550d65

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

Filesize
759B

MD5
c641c4b53cea24a18a479b36778f983c

SHA1
5a59fcbcff72d251d101d87c08884e6dd9ef8cc9

SHA256
0c810cebd4da9d4a475c264b4ef5c8aef7c2948dc2b4f8b5b201c323a3af3177

SHA512
e316807f69b15450dd62247b29426112c145c8f4b2aa0a12677e1ff27d064e95e5c409129fc9617de6403079e70d22233ca825cf5fc3f1fcee58f113c326de7c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

Filesize
319B

MD5
5f6681565a9b0710b2c6177fab3fdbf1

SHA1
cca3caf5bca41d0111631571fad781166088889c

SHA256
35b3f8b7771156faeff4a9e2321df562a7147eecb2921abed9c43b7044d2e27a

SHA512
f5f8a5aa35c3e52eac4a06e385d26eb6a4e4ef9b5a4e9f60c9a9028400596dede429df75fdc04b61d564086818fdcc1795767427f45a979534d9f14bd35f49a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13354392733176843

Filesize
30KB

MD5
bd5a67abdbb0d80c00bac013b0c0e172

SHA1
25be8ec8038fdcfa183bb757d87a5d46429e1d73

SHA256
17c97fa05797290ae5e0f3faa4c9457b06cb789a931c6041ef9aa1131bc95f3f

SHA512
5d5e8fe75acf8479225543d5cfeef48471c29213c30e32a8fef561a8e7ab350e4beb1016b7931ba9d3805801abb0f6885192b0bb46cc0d73c5074b881ea09944

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13354392733355843

Filesize
6KB

MD5
e5b8d7c8186c13eeb9f1d63011b2a6f3

SHA1
1befbea6b303e95f7c247a45d62e9319d63d3f85

SHA256
2250e793c88a2fa2c55e08424acde9c1927ae425f0b676de183ed2f8faa9b565

SHA512
5f965d7dc3725653dd2195a8e220c337767e60876aac618f97b0d2585a812b286a2462b3353c2a0df5386af19e2ef4abcb7d3abbc10ff81534bde941c3a66d2f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log

Filesize
172B

MD5
6e131cf52d8bf7c8c09713a06f1ea555

SHA1
f542c825495cb854414f4442ffdae4145d67cdad

SHA256
2bf5b4a656551ddbed2bd80c1aa5ec80553eefde6f0601707d24accd4e8d7619

SHA512
03279fd67ca34c691f44d9d08b3d33e1800baec391b500af1f883e24b5864b646ee3595460d30add180a5de7cf04967d27f8049d412f572ee6277cf2b6d4d825

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

Filesize
347B

MD5
d9fa5cdf921cbfc69b36a06b17231853

SHA1
94da656f6a6776712d82a7f22ab54ab4b35c75c8

SHA256
42d6a055d890abee10be0345ef4358c5ecf722c05b94bcf35db0c2d33b5687af

SHA512
cb16446f9423916cdac06c3bc1a9ac95f83a5ad31f6d623f16236ae8e6fca2fea65ca87beebac0cd1beb71e6ef4c4fc611ae0c828f3b6cbe73acc81f11c61ca6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

Filesize
323B

MD5
a5eea80159a773de1fc3561f687630d5

SHA1
e144ce14318357c632c5c25ed801d7cd48999ed8

SHA256
2f4c8571942da6235d8d6d3cd249beb0eab039cb50f0aa37e12bb2c1929172cb

SHA512
adc4a749043ce56777d82476cf97c618f3fe614ef1a876561561444e0dc8fd7df3dce231098fbc24ff1c0fc4ce723f3efa5baf5138dcc317708b6b49a1bf2540

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
600759eb646f3cc64f6d9d12d25233ea

SHA1
758b4688b32b3ae40aa5fe033ca630bc7f12669a

SHA256
03a0bf4d56053303f5ebedb90b5c0a8203929cb35f7e27b5075cdd1ba989c326

SHA512
3cfb777e1afe3253c4eec9d876642d56d6a81f413f490f000d03ad17aaff7135373c521be67ecc0b2905155bb2a22f7593c2a357f5134ef174bb2fa995b20bef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
c93fa0741536e00eecdb9df3b92ce21b

SHA1
81341dd84e2dd57d2f374891bcfa3d488f111dee

SHA256
e9b5517daeb10f80ab84a401f33544698a3abdc6534b9c91ae31c4eb919f2e5d

SHA512
c149ea2be9fcbda4993862e1f3120741e4df50eb431e48c96fe1dc910aa0f0b1ea2490b9009b5d9f29a513a3a21072247ccf098139fa3f4a92563ece03672399

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
aa04f83af8f8bd21a457ee5324f2cda7

SHA1
35463cbc328e0d78fa409980366c6057b5fccfad

SHA256
42db3aa7d26698f3e061c462e3eec50436c45c005034c50b19908d163c83e05e

SHA512
e7d731051c14e76fcc4c99d6586cbd59bab4a526c2467c9c54e0dac503efc9e5f6d7ebbf6e3bc74630cac0b7f886292f7389b879ae3880bf931d9bd4d3efa18f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
4bc9518ff6c93f29b03b69e1e228b709

SHA1
a1e0333b8aa26c3d25721b647430fd725f18ca7e

SHA256
a1d21013cca2f99d9c43fea6cf4c4c5e6785f463ce838ef697f9f612e73a2b7c

SHA512
488ee107582754195a984c39d7930f07de92c955d9cbfa840947a0015b9a24828ab1c8c73f84d633e1eb07afb0bfd91d93628473f6a60debda16e42b09a939f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
7972e63eaa61c51ff1266f064fa17129

SHA1
c4871ac7f46c6c1e4730311b713aba230d92b3a0

SHA256
d64384ad5319c26967d3b8ed3b5cd4fd470c09d7c79674c0478dc0cb836e9050

SHA512
b74b654b53e012ca280ffceaf88f6ae9fa629a6818da8357c687e3e0946a0366b4f4e010f41e9080362da944cfa8ec55c98bdc561b4806f21c5b5e10712abf06

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57ab92.TMP

Filesize
706B

MD5
e96fb64386d238c979311287c7594f7e

SHA1
e4e8a9998b49c1b4d72fd8085c80c0335c1f451a

SHA256
5519258193547d036babee085dcef4cb4a95e3b192c23bc019079b0be8752352

SHA512
329e8fc61daea37572cc62d034fa009d439bc9f9dfebae699cddbdc9b63f8df242163808b792633c7a20032bb43e1dca96d31ae939654e3d9de392ae577335ee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

Filesize
128KB

MD5
e511a612bed7636ae71475c15c71d5b5

SHA1
0857a9d938987102bf10175b7a1cb752c07d53e5

SHA256
9febc16988cf4c3c945104e52e911ab9ee8160071c65cfe16c6cd2feeed5242b

SHA512
f7ef6519cb45beb05db71222b0b3b8d3e92c3c4a21d706baa17365f9ff1756b5b8c379f44b57ce6ac44ec75b97f510337b91a54ef2da91791cbdfb4f63355e44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\d819d6b3-8303-47c1-936f-1eb4398ded60.tmp

Filesize
6KB

MD5
a6f8c25ea65ff1872fa25fdde9a91582

SHA1
0c54499851dda7858d5a23526efa6577005a81ab

SHA256
a4746f0af0e7c3f6cd84de7c967acc5a197ede790585630c1ee28d177ea69c15

SHA512
d91e6d13fa5e0b2bf0833457f61efe8b87626de31ffa6fffd1c8aa268b217a4df454e303dd44032a6e00da07a0fb1f5de31b62c6ad5f45bf1fef948990fbbf65

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db

Filesize
76KB

MD5
8cd2595d74ddc52bb983ff05e96891ac

SHA1
5e7409cd9e4f2378705972a3e3e6545ee4c01b52

SHA256
e59f985aacf2dc4be961d74cafc541b15d8bcd220d9caf5c22bc254952e681e7

SHA512
7c651f86f3103bb6e6d496d9046495fc55eb15c33da1cdd4e0417244655d29526e3e918677e6ad656af8486e8bdb30e2f69425a48d9403dba6c10462fed43147

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

Filesize
15KB

MD5
24f10f57d9dee3a7f870463ca2f2d4d7

SHA1
a6391db7bc8efd62d1277cc107733bb00a2683ea

SHA256
24195fbd0f1191edec57948a8a39958a0b913d7dc8b42b8f46066c328274d0cf

SHA512
ec1c14b96ce7e6d87bfc94ed91765aeb86d18978c5d1c8dcde32247e594941a7ffd65611538c6a735b8def4b0f5be403e5676b907195c681aef62d8e970be4ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

Filesize
319B

MD5
a9163b36f5d300c0799d6813e644df86

SHA1
f142b7c03c9251a2489f9144ecfac22748901bc1

SHA256
eb7e297afc4a0f88bccaad4f1d3c24a0ae8bd5dbe90845e7126907e77ce1d2e4

SHA512
72ba414d6715f958ecec0e5f2df451c1182363c00ab479039603bd0d3f35eddff7cc3bb75da593a361149f1c1e9da8046de9f72c9b6caf00fd382397964dc1b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
594B

MD5
e99961883d450065e6272ca907bd1972

SHA1
43b803a14b6f5d2d555f28fff912eacf87f5aaea

SHA256
8b9a67e01ba16692a7edca5e163472eb830b2a64aaab0dac15ff4f8791139fed

SHA512
493a11a8865599cf4c6be962a73fe26247c7c775cd0f267ff0f1e1d2167a63fff60dada53c1145643e11b278c4dcf0bb1152aa8fc748713b7c5d554897f094b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

Filesize
337B

MD5
f836f84d2a8488191450b92f0152ef34

SHA1
ffbf054208c1c35b475fb87f2fcb2b8b338d059b

SHA256
dcecf2488374e236c8ec8b0a5264011681ffff3b540f653838667a21cb444d08

SHA512
f7868b26c84ef36dfbc2d684c137528390a3110171e99989f91c7296f3e8364d657bc203cb37574d82e18de122f5ea343ec31d11a454dc375348cfbf6750976f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0

Filesize
44KB

MD5
bc4069e21c1dbae2fa3725cac620395b

SHA1
2df0ec48548740c99274b9a6622d05a3925b0b2e

SHA256
89c9f27336673160703ca68f6a491fd4fbf859d364d5c9aa1f0d6b7350b5c2d3

SHA512
b29940c1adac6116fd58ce0cfb33d7b6f12c2bb52d2c33079a61a8dc9469432612bbd693407a9b533fa536f08b71ed7cf1ced34de0c8333760481d214c083858

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1

Filesize
264KB

MD5
11906c896f8fd1c607df692a7a9db7c6

SHA1
7e467dacb59cc77358c7881276436d9a42c9d03d

SHA256
45ebf33fea210ce1e2c502b12687abf233bc68e0ded3666b691feb3e165cf569

SHA512
c0bc474ca0a5894d44e8d085415a86bb007110593301b63ca539e84da03e86a2eb5fe345aecbfd51054c833e625b7baa8d0cbee59cb0257705ceedadb0bccdcc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3

Filesize
4.0MB

MD5
babd2d007644512223fb580b90f3e1ab

SHA1
026c67514c096909b7f6089a4e0aae4d3b6a935e

SHA256
1fb25cbe44e0c96b4f11fd08335b7c4274cce05be0dee95e4db32b269dca2a43

SHA512
0c4aae3a4245b82b2349896c170fec13ac1ab5777cb3e9767c1e212ae1c4838f2d4344943db0db117d4a95dc349371101589bea69c6c165fcf50be7b7154fd91

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000001

Filesize
16KB

MD5
f55234db88c6538e3f4ad45c114435f1

SHA1
c4dba9a32f50f2d9a27ce81a1d62f7587751e6b6

SHA256
bf139ca7efd187c36f3ec33691f427205a63ca2707af18bc25430637928d713a

SHA512
8a621fa5044977bce987b8259dc850faf83f4e82f4df1a7a689dbbb0b9b065676842f7ac462b77f66c3ef892c3272960bf5de4c0dd4f02e85430b368867feda3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000002

Filesize
17KB

MD5
6bc4851424575eaf03ebe2efee6073ab

SHA1
2d014fe2feb929d03a46322645a94556ca5c9e96

SHA256
abaded8e235fdf329521806af30a1cc7701eaca3fe2efccb9da760ec6d8e5e4e

SHA512
af3b7d93fa2243475d74d4bd7f918ce2706bf6eca28029b9e49869f5f793e483efaafdfab1fed6306d5fc77a5ed3b27097b27448cd04560bed4df6fa3268ccf9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000003

Filesize
17KB

MD5
fc97b88a7ce0b008366cd0260b0321dc

SHA1
4eae02aecb04fa15f0bb62036151fa016e64f7a9

SHA256
6388415a307a208b0a43b817ccd9e5fcdda9b6939ecd20ef4c0eda1aa3a0e49e

SHA512
889a0db0eb5ad4de4279b620783964bfda8edc6b137059d1ec1da9282716fe930f8c4ebfadea7cd5247a997f8d4d2990f7b972a17106de491365e3c2d2138175

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000004

Filesize
16KB

MD5
cdbc1f93b42d23ebd92676d94b17a6d3

SHA1
24ae184db5010254242a2a6ecd01a6fe4ccb9bb9

SHA256
b1ea61fdb85e5b19079cbaa607396cc8125844b3985d1ac34a5f8d75f97efe42

SHA512
aa1fb2d022c4bc4d487a47bf41d1ecc765585309531a9701c05d5b4c4fb775eb8c11c4ca81347a2c32c3a0dc634a7b52b2ae9ff96d82f7a4667301d74de0d563

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000005

Filesize
16KB

MD5
2e68f7fb40b89156b6eb280408ba0b33

SHA1
d1ef510d03ad27a029514fa76142920e2a92fefa

SHA256
e49ef4f9f70f75d92e37922874c2b3a7fe2ee4e7dc7421c6e1070b19819f2c95

SHA512
85506ffc415b63bbd047e0eb6c048057f5ff727e6c5c6d854b0364f762a4471d5f8d70084826b2df04970f989438da8e58c2d5dc1b1b82f829d256440dd92b89

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

Filesize
11B

MD5
838a7b32aefb618130392bc7d006aa2e

SHA1
5159e0f18c9e68f0e75e2239875aa994847b8290

SHA256
ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa

SHA512
9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
6c2e32bfea62d71b0b513e3c741e6b7b

SHA1
6e171b273805964a5442d51182a3db23291f3f29

SHA256
78a01f191add3fb35a94af4b49312bc1e796067392c1d3389cb64e01b5b85f8e

SHA512
0465a8ff43767a5e5319c4b126b4a4831124c82c1b45171064f69f4e1185e0e045f274a61b594b4d869d2b4f45f09c717c67d1cac050de91dee2f8c8de136fa1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
884b6e50cd69b3883930f36d670c218d

SHA1
b24dba9d3f83ee853db3a653a444f32ca68323df

SHA256
5f59bacaaf6e732cf0e8581fa4317baaff074e26d764fb2980b987010a8e304d

SHA512
4b212c7d3289591c54223bc42279a428f8cea61801f8766c36380cb98b48846236737342b7b6b09c8c2bb2ebb9e54089a12a2bdb25666e2a964356139b5539a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
0671961c885ade77c23f972db982cd10

SHA1
14a75f3fdc56f619915dfb32b0bed4041fd8fc46

SHA256
cfe0c5dd6e2a93b7ab9ed1648e4221af19a462e3ab0ce9036f01edfacffaefc3

SHA512
ee97bce344b21fcc16eb64c73f3e441a3bf528ce8e0a33da6050c48531812151f6a74dc2a865bdd18d03b6914678f62f28d7636be011499f027bbd316d0d5b64

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
829b75609594c8cb7d9947d770dc6cfd

SHA1
376c9bc47c06da39f2177a709f7265e389ad8cb7

SHA256
9cae26faea4be7e7fa84fe24b1f54d2d26bea17fc87ba322ee103ae92a08da63

SHA512
6e55d71dd125cbd90f7305d9daeda043b1ac3a90dba946307692d69cee10f5775f180aca52a6cee048cd8538da397975e27b93c40b4e64aafaad8fe0567400b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\9cd93bc6dcf544bae69531052e64647ec02f2bb4.tbres

Filesize
4KB

MD5
3ad275fccbb26b9a127920002ee3945b

SHA1
021151adb99c04308f907fe93aaf483dd84eebff

SHA256
86a11fc776c91ba8bc2e52158dcdd30121df61e2438a6a9dd3cbd08b224e173c

SHA512
de6a1b5b2015dd7c40962a4aedc1e713847a05f9fb2c424e56ace5b3d68c0ce2be6b9b8ae5fdff88d3774fe0173084f5ecbd6fe2ffe159264a2b7a3fdb83163c

Download Submit
C:\Users\Admin\Downloads\GoDm-main.zip

Filesize
96KB

MD5
5b891cbdc954f92936b6bb111c80403f

SHA1
143df547e98e4ee25d340d03f1115f70f0284f1b

SHA256
f4ac36a011ede68ffdbefaa52e05e691ba0582462c4308fb8039671963519548

SHA512
0e65e3d3dfb7d389b6a2ebdc140f234720ef3d7e998d1eaabb9398f12c1a7e0cb585fa36a2ee3eb747c51f413a8925c0e8d988246f2b3d7cd6a64bfab079d846

Download Submit