f9753221feec9d106c5ad16120eb8bf9a6fcee1625d870373de7496cdccf4a4d

Analysis

max time kernel
983s
max time network
1022s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
09-03-2024 03:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a.htm
Size

1KB
MD5

752a1a8e638938f8e466e838b330f7b1
SHA1

5a66c6f7dc710496af18360253677a62a5bc260b
SHA256

f9753221feec9d106c5ad16120eb8bf9a6fcee1625d870373de7496cdccf4a4d
SHA512

e6f1333f3303b5c30e59e13baba529279fadb5a83b3984f0f83bffd69978146e062ab82a01e04fd7af2bed8a85aa6512acaebf24604c02a317ed8b633d736c43

Score

1^/10

Malware Config

Signatures

Checks processor information in registry 2 TTPs 3 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	msedge.exe

Enumerates system info in registry 2 TTPs 5 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1904519900-954640453-4250331663-1000\{D3F9D398-EC26-45A1-9A9E-94704E531134}	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1904519900-954640453-4250331663-1000\{6D60B2A6-57A9-4EBA-B2E9-EDCCD1934654}	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
5136	msedge.exe
5136	msedge.exe
3348	msedge.exe
3348	msedge.exe
3348	msedge.exe
3348	msedge.exe
3348	msedge.exe
3348	msedge.exe
3348	msedge.exe
3348	msedge.exe

Suspicious behavior: LoadsDriver 1 IoCs

pid	Process
648	Process not Found

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	5936	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	5936	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3580 wrote to memory of 3348	3580	msedge.exe	86
PID 3580 wrote to memory of 3348	3580	msedge.exe	86
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 552	3580	msedge.exe	87
PID 3580 wrote to memory of 1896	3580	msedge.exe	88
PID 3580 wrote to memory of 1896	3580	msedge.exe	88
PID 3580 wrote to memory of 2672	3580	msedge.exe	89
PID 3580 wrote to memory of 2672	3580	msedge.exe	89
PID 3580 wrote to memory of 2672	3580	msedge.exe	89
PID 3580 wrote to memory of 2672	3580	msedge.exe	89
PID 3580 wrote to memory of 2672	3580	msedge.exe	89
PID 3580 wrote to memory of 2672	3580	msedge.exe	89
PID 3580 wrote to memory of 2672	3580	msedge.exe	89
PID 3580 wrote to memory of 2672	3580	msedge.exe	89
PID 3580 wrote to memory of 2672	3580	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a.htm
1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.70 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.52 --initial-client-data=0x2c4,0x2c8,0x2cc,0x2c0,0x330,0x7ffe51082e98,0x7ffe51082ea4,0x7ffe51082eb0
  2⤵
  - Checks processor information in registry
  - Enumerates system info in registry
  - Suspicious behavior: EnumeratesProcesses
  PID:3348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2040 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:2
  2⤵
  PID:552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=2292 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:3
  2⤵
  PID:1896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=2860 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:8
  2⤵
  PID:2672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3356 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:1
  2⤵
  PID:2540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3424 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:1
  2⤵
  PID:1012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3820 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:1
  2⤵
  PID:5092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5056 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:1
  2⤵
  PID:3068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=4948 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:8
  2⤵
  PID:4568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5412 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:1
  2⤵
  PID:4500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3580 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:8
  2⤵
  PID:2364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --mojo-platform-channel-handle=5408 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:8
  2⤵
  PID:3672
- C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.52\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.52\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=4896 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:8
  2⤵
  PID:5004
- C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.52\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.52\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=4896 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:8
  2⤵
  PID:2400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=3480 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:8
  2⤵
  PID:3228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=3392 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:8
  2⤵
  PID:2896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=700 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:8
  2⤵
  PID:4940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=6532 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:1
  2⤵
  PID:4940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3580 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:8
  2⤵
  PID:1420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6660 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:1
  2⤵
  PID:2492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --mojo-platform-channel-handle=3596 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:8
  2⤵
  PID:5728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=6748 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:1
  2⤵
  PID:5216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --no-appcompat-clear --mojo-platform-channel-handle=3348 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:8
  2⤵
  PID:5364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=2288 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:8
  2⤵
  PID:5920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=7124 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:8
  2⤵
  PID:5776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=6792 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=6416 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:8
  2⤵
  - Modifies registry class
  PID:1848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=6364 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:1
  2⤵
  PID:5580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=7084 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:8
  2⤵
  PID:1460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3584 --field-trial-handle=2080,i,8811044261356947717,2651315617701848561,262144 --variations-seed-version /prefetch:8
  2⤵
  PID:5456

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x304 0x408
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:5936

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\metadata

Filesize
114B

MD5
3a1934d6acad518aa0b52eb37d9a2b79

SHA1
1203e3e61d968c644d8f1d2a7ce2d870b46ccc0f

SHA256
5c393476e37d390415c41ff4c045955e1469d4af24ee096c8b5afb33e4d0877b

SHA512
b914f03403dd952fb9a33ed1162380f2c0f6c6e1c8b49c443f659ec4be3c8f45bfa923fcab0c91843109313d4240f4a594194a5fdb37b4f2ba15748364f7b4ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\reports\fc46ed87-c8b7-4125-b2ae-f84ff5e5d0b0.dmp

Filesize
11.3MB

MD5
2133b3d06b485c985087327aa677a3ce

SHA1
a4d154a116a53ae525a961d4c18bc541bbd7b26d

SHA256
b09ed84a4f48f1e8acbd211bff4bc0e5de764791ac420805cd93bda44130624b

SHA512
20abca97cd6f345cb74893d1b9834710b280174a51ed55c0a903ce9094c3a13a90acbd6af4f5a190d3b3d059763163641783990561e78ad6cb5dba67665c05dc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
6bc7b83e008ac944cfac50555f56edd4

SHA1
93798803725ba38ba4e4c6c1c37e1dad887320c6

SHA256
51a524b6c5989c12fd42ae6311f5075fb4c8dfd28012f4418e27a1a4687a2fb2

SHA512
ed7f79cb392182e47cf1b29c77a07be512d2d3f70b35ee8bde2a576302040dce4c173cdf76f4108acc3e2c2afa88152b6b80c61fe6be15743ce201890728b093

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
4cb1d6250bd480302ba865922271275a

SHA1
5c5ff4445015f3014b98d4fa373fe3c96c1dd0bf

SHA256
79712be8dcc3d527566565f355b4363fc6dce41676d235dae270eee68c2fa22e

SHA512
69d37887efc2647238adcc34df57c0ec994fc9614abd0a000a433e072e546a6c41099c2f3d682dd9e7ca0664bf913be55906437ae101c51ff014a4e72db8706f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
489c2f7bc0cbabc82d71177abcd193c1

SHA1
1793093c4174eeec812e9e5aa54da8ed66e5dea4

SHA256
a857a74544890e355f1c0a3d61a687a8099cc1a0487b5c94c30a8e65e596447b

SHA512
f9f87d4cea8048d8562de8a668e29cd3e4bb925781509326a546d4329b20509813ee6888d063f65f1e5d4e62e6c4f960183e5ae46072def9095a9f6c57172f2f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
b26c03a82a5747103bd8ba1d40cf379f

SHA1
d95956593da23ec43a63d6698d9a33e0ab2df2e4

SHA256
94af6b3dca36c67bac4ecfd89068781be246927c5dff23d9a0e6c07d780c51a2

SHA512
0ca0cdb29146938e53dd58ab79adb1da4733c7654a7f710a593222017b98adbed729ad981caf492828ab3aa9aa1d9650ae6a2792a92270d10b8e61ee4c75d675

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old

Filesize
331B

MD5
c914fa33fdbc4a665e2935671b0181a0

SHA1
70ba074456e10fdad47cc78c884679921323eb78

SHA256
ba5219995a87230834915ecb28a09ca8826839ad394360f03b0daf560c0581be

SHA512
96064c1781925ccc6af4d1dfcb9f8abf385c818b258638a3e0fd0ed63119a591b20397293c2ba6ca39abda43b743557209acc198d3e6446afbd91b156f8bd2f6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old

Filesize
331B

MD5
a85f59f178d6bb4f95152c2ed08e1acf

SHA1
697fa708367efd5e2eb86321dca8ee5b54196471

SHA256
daa6bc8e316b1ca482f5d9fff7992f59414b9980260f1babf5b2b7643cb2c338

SHA512
e56124c4d2cce9b91bb0f737e150421e877943a6e9c19028400100908206e5104a9b276cf8802f175e34dce587e3859149fed342358262c382ac8e9a10ba47c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old

Filesize
334B

MD5
adf4d5a01c49477cd15285e1ab2d8777

SHA1
c3278a55b74e574ed82c87d28f003984f9323ad3

SHA256
69bf35861de186588021233dc7bf15b1b331e76816d4958c69dfe1fdead7f925

SHA512
6ef9e2e8cdc2fd05460019b8e2ec4604d2185d96d1387723b0c00325c4c8f9fe9e7c28985902d38c3ef210b351a968f807de0626e334ec6fa164d2c65f3ff1b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old

Filesize
334B

MD5
c1d9981277984a116bb37113265ebde1

SHA1
6228e62db4b3c23d82c6a622bfa00c8744437050

SHA256
bbaf2af68409a6733dc7ba1472d3fd6a518a8b90b32b857ff957e2f2283fd6d8

SHA512
0ca1bda9c1baca1f3158c5adfa707044ed5acb56c33ea82f1276153498fc0c5b5a347e6d2f058139800b2848c234d5dd4d4eb86a30454061fc5b4883c3cab2d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000001

Filesize
75KB

MD5
3853688eaa440dbacda36c0b47a79d8d

SHA1
78e650987c7220c86391d674fbf89f85128c0c5e

SHA256
ca9592f575c0973b0e8d207aef12b5df00486e450d8bb0bf019bb690bd9f5eb7

SHA512
bb31a6dd8d19c074a76e8f227970af8ab963a1f86e3ed6207f60066db2c972e1f69e167d8b230ece0bbee34583850146a0bdd3f9013ee0afcdd56b977e6b051e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000036

Filesize
35KB

MD5
f6db67df58b39d3f00ad3bebd9002110

SHA1
4845bb89ad1ecaa7fa7934351a0f567fe9e901d4

SHA256
9bfdc73bc5d30dca301fdc19552f866233c9f99139d13a43b7efb766c1f8692e

SHA512
b36a7c12a7a01fc493d61ceeb10d6268bc3fb6a88fa396458f936b3e171b7e1402a77f0c241b62d95746da27c09c9484eeab4b84a67f81c1fefe043cbe4f6c69

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000055

Filesize
123KB

MD5
286646e6485cd0d7cbc289a2939df329

SHA1
6f9168a31264fe02f5dd6fcd6bca7a57824945c2

SHA256
10a2317d93af558a33a0ac23b593bd46e6d02783ff1cbae3d9fa720313117a26

SHA512
33fb76c2396a6857df99af6c16f182e5778861b24a398d6b724cab3ed8b0cca37c96a46bb38180d1d8911d6b07e37c48603f6c7b856e69936d17b607b8991003

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
696B

MD5
d72627b6760db6a1883bb0b0954823a5

SHA1
d4653e1fb20e99e5db280814d083aa30cf9bc48d

SHA256
d78dc579687ec95b7de38058cf5ea5c5e6ea3142b6fd3417095a3d45348752f7

SHA512
68484502491750fcad54efa04bbb6b8492a04cefa2abc014e2994e38d0b3a34757cd6f1ae38665f18fc0f0476efcf3721bbf9c846738d9d674c835485927d7a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
d8e5eb61156c50b221e18de97175f51a

SHA1
f36f668c03f000b322b379323e65deb71428adb7

SHA256
83e2fbe948d0bb67a974f1606dff47c0702e661c5baefac96d9ad41ef92dc424

SHA512
a5783ae0da1e68172390f941e3f4cbfeb453305c67613d87213934f448cea76a93161323b297ced906c4d16e2368d333793b740f7e7efa0969db6ebbd479fa4b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
4bf2036aad7aa19de2e94f721d6bbb8b

SHA1
c96f7b0b817fe8034ed8e05c0786dd9b4ebbd63f

SHA256
af9d5a69e3a0555bc2198ad08bd9b42c6723cdbad2e9a149817d9ae4a64e6d58

SHA512
c922c675d5a6a4cdffbc0ca829c4cadcfb5a0cdac687e5097f1c0d70b783e657cb126bfbf4020556f31f92ec2284c36fc6951a96a3b2bad2787f1237615fafe7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
40c0806c55a1cfa800424685321d63d4

SHA1
c60d45387445241c6423e82d0534780ae3126ea3

SHA256
294ee37c66769031fee0418ae618a278048b1fbf29c950e5812af953bda62084

SHA512
00fa9efdf42db74305a0b759b87a7cb58bf615b95b9210b178472558960614e1bc70d4ace9fad6b57123891d89e31c6c3f786088ce95572d154c2f02cf607233

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
ec833eeb399a9b83f72466ce02c943e4

SHA1
5d51db9d4e06a8cc73dc565dd0e90fb7eaa79f03

SHA256
aada784ab2c7591afcf6d39d53d35d2441471b1e131a31ab640617dfadd20027

SHA512
237954a8d32e32483951ac517e3669d1a7bd421a1aad8d0c40c1bd4a6847898f457397e1932c5e9a07df321525c5b40928d6db13d94ca48b8abfda2b57a34ed0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
b40ba4e68352bcb0aa42b0a391e52698

SHA1
3350d0f012aa3957a819d55ef6368cfd8616be30

SHA256
f692337de663edccfe7569bf59b3da921cab671d15d3bdc7fb3d5a8617330321

SHA512
6082d886f7c0b295de0a4c237bcffd96a3a4b986ad7e4a5f5ca517d14747be28b9b35e988fd8dfa4aceae3cbce35627244761874f21a67a73d646279a56b6fec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.instagram.com_0.indexeddb.leveldb\000003.log

Filesize
231KB

MD5
bc866c0d30737812ad3a6bc707e38fd8

SHA1
cf04ddfcedcbb592c93308f924846a36330b544f

SHA256
b6eda55d98fa4ae4131e58af19d52c605dfa0c9d142dd54c2a44a274633827aa

SHA512
13fcdf542a34a74a9bfceaade43ba4e335fca7d01514e4926b8d088d35f4a61809cbcf77e53fe9db4f67996107159279859efdf88ae4baaef5ea4db04323d9f8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.instagram.com_0.indexeddb.leveldb\LOG

Filesize
395B

MD5
cdfdddb66ecf006f0c7b2ef88b3abab2

SHA1
0f1066e0803260e8e844f99874ec188f1cb572ab

SHA256
dfc5f00a7e5ebac66a70a20595e588c82a3d88d97b7dc93f11f8eea59f0e805c

SHA512
b7041f34365d8e36946c933972b6187af2ecb3ca95416ffc5a61da674e3e1182ab1c3da946ed03fc00426fda3ca6557b942938a101fd12c8cb8f82b0d6868ba5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.instagram.com_0.indexeddb.leveldb\LOG.old

Filesize
355B

MD5
d0836297f03b9485ac3213f9d0e99c89

SHA1
973f7c6894bc5362191017dee22188004954fdc0

SHA256
cbd7cee4f3c16c575a7cfdc757e6e98383485f6a2fdcd2e30272633339daa805

SHA512
8fad50bfc2c02f36793ecb171c425e182c43e06b3b0f4bfcdcbfca08be5bb492517cef1de8e3f64f6c0efa301bdb91ba71b1c258b2b95e100140598b435c600f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.instagram.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\73f95b19-ebac-4bd7-b66b-a0472a5116f3.tmp

Filesize
1KB

MD5
461056b2aa248b4d3314678960322353

SHA1
7fff4508f8a8282c7c4c4f3ffb9a07512482e59e

SHA256
1563030932db36497db85e6b635212d8071c035e89b9a604b035e675d8de69d1

SHA512
13b46702930dc3c874e6529c6200baabc1befdb0e4a1fa863fffbba7e5c46ae7adff792a059544f3227c5926d4168fc890bd72d3e30bf4f548085a8c31af8362

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
62759411bdc5bf2febac7d3b1c8a7c04

SHA1
57571733b8d46463c122da2f1c30b7f557e27f27

SHA256
9fca84701d795e71c751de44b16f369b77cb04748eaa065d3fb8d527e31114ff

SHA512
7f59f1b678cd5bc5c29bd9921faf6049c27c348ab0f2a5ce80f2e675a9424dc840cb4db8b280ae12b43f32c60ee2fe523e134593223ea994e226af76b717f733

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
b4e6633e3138222079a134d377ec29df

SHA1
f5c311dedc0aa4e72bdb3881c1fceb03eaa00c36

SHA256
89a173ca3c30f55d914862faf670a11824d3fb3f53ff28f02e3ef9b143fc0145

SHA512
fcf8dc4949d3f4e5e5c9ed3546fe00cf9a13715b9022c4a29fadb9456269319f159d751bce5856ee1501f0cc812376a14a8d8c32ee327c413e3ef1976911df8e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
a68f20f538ef4970c23fe4e3048e187a

SHA1
e934773ac9732ecfabe5b014a8e333225238147c

SHA256
571c0424fbd61f10bea65de2dcf22e200538b4ac565c2c54a54b3672a861b432

SHA512
329aa4791a0c81d01f06d5547e7b436235cf413b87ab5f865cf9659254b7e95ce0e0293c033dd7197929f126120ed29f12673ca14c4ff5500635003775e57ea0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

Filesize
40B

MD5
20d4b8fa017a12a108c87f540836e250

SHA1
1ac617fac131262b6d3ce1f52f5907e31d5f6f00

SHA256
6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

SHA512
507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
3e148702bbf88fcecacce915d826e330

SHA1
8aebf4b4821d90de3b5279e4306ca15cf995d1ca

SHA256
f4e8fae904d9e54b3ae23b5123dc669f73dd9a5cf00fec00ec98987b52e35f9e

SHA512
6f15fa45ddddca036bddb899a0e55c8a4aba4c5d93eeac7b4460d377ad7cb41296ca5f0b9011b7c51c57068c4c6233cc96a924d9b3793ef08060465df69cfe6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1381acbbdb8bbff751ad82df7448baa3

SHA1
1865bd6052f2a72e2f39b592e7456a90fcaf5032

SHA256
b2bb901ecc5db8218ed8b5b473a0970cc57d4ae6ee833eac5dbc7a51bb5b2127

SHA512
ee4628d0bba63b653f3b00f81ce51578c8901e6c0d9ffdea3c79ca939240736acc238805219c8df25c6178ef7edc5d6618a7f27fe154359bbedce78fc531948c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c8041495a9b06d19bc16d909b17d2ce7

SHA1
402aa86583b29c51c0176d2505ffa7e182bf6d24

SHA256
1a7796b9fadc14f0b855066920f9f39b45874b22b58e226037963a8f6939d4c8

SHA512
b13fe674a298bb326ab36c22589b163a03706667f29de155b9093f18d49328339825590416ef7c6253696d31cd6c5aed23788a02d41020f71f82092e4bd28e6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ccb055eb2c2fba888484803d62e7155b

SHA1
a5430eace4780e5fb4c57c11646c737ecd03cfe6

SHA256
2ad02f18fcb8e6305f74debbb9c519f44f2a014711a2f1df84d1f5ef53e1a0fb

SHA512
ea007fd2cd0bdafe79145e16e7d43fb477b383a2d219178e31a1beb4ce12f5561c230b85c83a9f6c818c40dda2fd6a142960cadaf5ec7f9e4569bbc4bffeb220

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
111cf202308b4320a2352b1bec461f60

SHA1
c77553dd135286c972fc3ee8d3f085a9a241c1db

SHA256
392db33d46badda43a4ab6b63d2eabaef4252d2a11940e30ada0e06d65c2c4bc

SHA512
3651e10b52c6096242816677f6cefa988363c1fa0dd7925d11fd5ab82ea2976e423d9385b90689db00393579b8d2ceb6bbb44a9f87cdeceb14b4e08c0cdf8227

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
376a0981c0502ddc71cfc9b87ce0369e

SHA1
9b02dab08fa03d24e0226f620b100d7e616ec37e

SHA256
38d106260370fe4485a6b99b9c021547a303d9d67be92b51a405dccd6229aa16

SHA512
4a5abf03e0a0df1867b6f1691ff54335e5d7f326ecee40e1ae073713ab06652c1c40ef27bb0f894848dc0cf80a382217ef18aff8ef8702ba4ab389c94fd468ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
25358bd0bcdc964eb06b2bd68b9e4d31

SHA1
f67bb31e2fab7aff16712079eb2ce3714239d5ff

SHA256
f3aa5716512af6078b372055898de0246d4a8518e64480bac79254ac56ae7e23

SHA512
4f1e76b996384c30c344fc25daa694d12d8770579dec553826437b4fab9d6e9b9ffc15d380f4fb987ac56285ce363d9d12db6db4c368735dbd046041b6ba2afc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
f0fb2b5592fe82532fcd1f338317a160

SHA1
278ba9378beab6bb0a584544b38f8d33fd3f2063

SHA256
cca75a28649c8a3ed81ebd2c82087193a73dc78ea30200524537d5265061b812

SHA512
6431e8b39039a6c38d7bab800f394a46bca170d344d1451027ca9eb7e39a00ab4d12e041b479195112bd1884e89f58fee7c49e7040ad006a7121a8093c9ce33d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
463d0558f77f3437918df2786eef3040

SHA1
3c41dcdb35d4db1996030edeae652ba0904469f3

SHA256
beed05cea07f76da854adbdaba7dfce26ef401bda0a5951901c7f2bebe80b8de

SHA512
dd2a0f833d55104b71db91d3480e026520b913bfbdf3667bf322d1bcd76dbd9e9cce5ada5b307934a4389d1131b850073c0fb64b964307bcd494d77936425d12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
234ad7d15218e6200db140764fafd794

SHA1
ac3b715cd3a9e63907f078e6c33cdd7a6ee3f3ed

SHA256
a52007d20404f1da486da1cd7137e865199709aa221102ad802c620d5f6296c1

SHA512
09e78c073a91163b616035b429720291d2b419a30984d99cf017687591283de06fa1f69c3c04c8153f12f51e855d801e53d99b222e7e346fd4479e92ad478789

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
401925a6722f496caf02ab63c880b92e

SHA1
da78803e27192dc81bd469fe390a962023d623cb

SHA256
212fc60374d1924cdd36a60577e5d63fff259050d2756f2ae72e5ab30b19e453

SHA512
41ca41b32b05c9911c0b99feb2810a0493665dc8bc2d9f53bf530ce42b0f17fa7bffe94f130b283bf141ce1f9cd6d3e0a58b8ced3258e3c64e2161c182d730bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
74538369a861442a46b4d9377587ea87

SHA1
50894b6de54eb3be38ba851f0150fe6cfc52a0d3

SHA256
624bf97cfdb76e0ac68499d0f190abd0ce4a7249bd5e2a5b8b440588298954a6

SHA512
3b490d4c1090c217b83f4a00732d49bec70d76674120ca6d151f7a812be8b904a8cfd1b4a64d7fcab4860153fd8760310cb77e0cf14c3de8a3ac33520eb5b221

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
8ad3c02650d3254552f3675c61d246e4

SHA1
ed4bb05a5be01ce28fd8be98afa4b9197a960c01

SHA256
b62c8824cc0b97913d2c85e0d5a1232d2d7f1a8a64fd2630f70e8b6716680c02

SHA512
30d2639ebd5084e288b2ea847643e6f64c36a48a17778f2ad6b6c970394e0b90b2cde5053847b0e91208dc5ece07812a52e4edca16c0232444b2bbfbf3472fbb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
41f9a11dcf0ffeb6bae3fc25e6c95bde

SHA1
7a9375f4cf230a636a87f91e0b24f10c9c0541a1

SHA256
3043c92d584236b110f1b6860bd49a09b186839836dc1f34103d14152fbb3995

SHA512
6b4df91d45df869e478660caa24fee968ed97ae19d4eb8f8340bef1599a9eee475504588c73b25a0b26f42ba5f1393f39da3fc4b912c09c677b95ffd37d2f2c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e9e21bdab906c00ba9886ee7bbfd7098

SHA1
e514e03062d5918076cb0e14af85a00da7e0d180

SHA256
b4abcd3de474c538b43743165cccd4cd065fd62d33f2b7d460381ef2ba50a854

SHA512
e91691e07065dbd40f6bf20ab55906ec33838adf342fb73fbc37c2d69f9220eaefba8325b90761a2fb279c075eec36870c83b7e57d8886d8cbe4d41facf4f7d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
0083d844e715af26e326c3009e25044e

SHA1
851b1393f88f56b672e6dc7c11a158f981236459

SHA256
fa01fddb4c9ba06f2979d0d0053bf2e8398c767b781a4a086fa57a3ae3d12379

SHA512
ced0cf5b7ea6ad16b2b29f9622170ef9110451dd32236f5aad89264686665725dc41e943a09facaa7366072bdb93f115922bd26af7e33619ea503789c45393a9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9b52d923d7ace74236808e62fa313c4a

SHA1
fa3007ca0c66840460167b801852d4b2adc5612b

SHA256
7420a6cb4d62f728e84d4309919f7f9c606040e1c80ce852fb7d3cf43b5926c4

SHA512
f03b63bf1b03139afc25f1b8642fe15f5cf47d46fb4157cbe8673da393d4ac95f9e309c7804115cf15245b9fb98bad78782cc2aa7811c604faefa5b0eb875d03

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e4e38935a5c631c03e15793ae86a803b

SHA1
f73f7b2fbdf1105b0d0f76b63c998be357b0da56

SHA256
c39bf9ea0c08c4ba3cfe13108a5d3f80c9aee7f66ed81bdf0856af1e844c6427

SHA512
40ba755b4c6dbdf42c46c813ebdcab8e5104d48e9b6c3cb0d90f706454f441eaaa798e32bb4c90a1fb78c0b7b967d8f2427365d79e79a39045388c9278a50971

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
b1612a180cdbaa2d4671a822073a9dfd

SHA1
f156608bf02d47d7907cfc729e754cec4869253c

SHA256
220b9eed47826099639571acd54b2c2be99688d7748243bdb1115964961dcde0

SHA512
b8623f5b5aac3270f9d450264a915792bfe433839fba04574e08a334bb6c9637aa92cd7cf09b8531c4da0ceba799799d1feff02e59b7ad82d358622d3f005199

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
8bde41c774565814a6b935d510032cca

SHA1
627fa7ef5065f313179435f938d1fe47140665f6

SHA256
ca621fb5bfa834a4543798a96e6f8b8e1f14f8e5d8f0046549b2e0684313c457

SHA512
0104bd70908f2e48d96beb18920385a50660bb09a60d5a2b79ecd67ca9c4d9aacea4f7ca8df6fb711c5d992acc6ab7cb5e10943e416c6aee5668942c9db3c098

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
10582bc3f9f25560f9367a92a3ce94a1

SHA1
05a80dfd7e716bb101a3117f3384dbcba21e2cba

SHA256
a55c9904fee57354332530c5f910dddb3dccad21af39d9d0854ccd03d9f809ca

SHA512
18fb0b4f8af74f185c6145aa953aa204470fca4ef803c2a931efb8ca34932c41987dbdca6bbf561468f55b8397e3fed26f559785a6eb55f52a5977dbe6a8e042

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7326ba2575462c7da7ebd2bceabd1ab7

SHA1
2838a36c177c06e0986c499312dbb8fb909fd144

SHA256
b444ee76235ea587afbbdc3f22968d5560a7c1f208f9006e5fceaddaf2e298a7

SHA512
a20c3aa4cf76143d03f1fd535569a857274cfff118a06ec962af6941525ac7990459c7b080caae037bf661331127be736d5786bbc5550952e2cc9c177b8d137f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1789ea6e6bdc7ad190509db1e7e0973c

SHA1
0a7d0491d7295d6084402fedf4015f639f66dc50

SHA256
1bd744e7ecf7dc1b35e24f5c68dc0198de574b4b36f7766456f871d60605d672

SHA512
ca0f85e6b2b7dd9191d3cb1892a2844697d4ed8e0fb49b41f4b87b64b9beaf4fb45ae1c10f008b9e1c60cf86a6ecd5948450469b4e63d4dfac8c9a34187fdfa1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\ce4ad65c-176a-4130-b094-eb5c5b50541c.tmp

Filesize
1KB

MD5
2d0d7d5434f3554ed3e55178d98e7fa9

SHA1
2c6036d371eaacf5048052f628dbb0b67370fc03

SHA256
b894e1ee0d38806c5b28139fde523ed41c947f286f5ee778c11328daf0d50349

SHA512
029c1872ae0dd827391be082f3382531995d390b1a2b941dd809d9aaa805e44bbbdb0df76425871ae966d5a493516f18ff027682159c1ea8363af79a018fa41e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
11KB

MD5
370c02ee892d1f6331c94800d26e1851

SHA1
14926b1be526d843139de5d32f629a5c3f148bc4

SHA256
dc0ee5b5d6170d75e9a4b94ccddf063c541f41979a8eb4ec5efd2fec72a1ee12

SHA512
353253bee2d68ff6d38df2ffe062ec61193b609cc2e3912a166f8d6c5638c6968211f5fdfa1770792d61beb576b1879e7be54fc0853a5b2b114fb0ef780e1ba2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
11KB

MD5
2a8effdcd6bae6df27eb122461f013c6

SHA1
75b246c78ea4e36f37f64bfedbe3ce44ea04489a

SHA256
58bf0e7d69200aabf2175c24d1290995fc26b33cddfa1a16827b0cdfded86388

SHA512
8b8df5fd98032eac8edda024b2e5ac143101ec9774cfdde22d4bd21467242219a86f741a16dd5a874d12880af4dc6d70a3e8138d7c54d3ec8f60139c8899ebcb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
12KB

MD5
9d2838bb45a4ce5bdbc804c5aa4dcdbe

SHA1
e75593bfe74a1e902a632a4788f37611507cd8ce

SHA256
9e55fc023052dfc25b4ac907f2422b00724cd2a7abde28bcd1ae66e05494b85a

SHA512
0ec346810ddd941495d20538ea944ea8c433a03fa2b1edd137d9ae49cd9afbfa827df341e6a670f2d5bb031b4fbb51e6cde51f9016fa16d1a9c48127ea76d48d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
12KB

MD5
ec4e38fd3b8ed27061114d32581697ba

SHA1
270942b601ac279fbc273a75d78f4bdf3d5ef047

SHA256
2165b7e074c5e99d9c1c8803e446fc981a8c05f2642b2e4211f206dd7760f890

SHA512
63cd9022a6bb760032019bdf8ece69ecbdf44ea421e554443d8b18814a53416b8e1d225c35450c5e9200a4a001439ba95e5937475910a4ab826ab0ca120c58a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
12KB

MD5
99d3f6731947be2265749b199834097b

SHA1
eb1e8bed3f8b30118b5aa044dced754b11c7d4af

SHA256
1f5c1f14f551619a10c421fea58de949a8f819d19db41afbc3d8509b04203321

SHA512
0ae7e102c620963a14180a209c2ad640b1f857cf469840e5a5363158fd78a1a26fbff3cea8c432dd64889d578f6358ca74a37468ec3d26f93e57d5b9cba36134

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
12KB

MD5
f5d3aafe7612f1d74317f6a7005bc242

SHA1
cf28f4b69f09091c9d2537267cdea86f39612572

SHA256
99d497ffdf9ab80a712ab14bc6fd4b6bcde4c4d4a7d78caae068034429a53bc6

SHA512
23be24156adfed048bfc19340a9375a62167c41d45473882048c3d4f1fc2458a35a3795d044aae567a0656d0093463f213557dd328864b9fb5c7d0724558a7e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
12KB

MD5
ab5ac7786bd4dd70280a11f8037dedb5

SHA1
433e028e738515dd70a073c914a5847a30f3d63b

SHA256
21dbbc7f74a0acf7a056de649efcf0ee1d5765b695a3321ac9a223d2fa60d34a

SHA512
b0ea269dccbdf8fb5f5a9723da0708b6fb54ccb13597de30bd7bf3acbd8d8c251bb9bb2a61c0bda03d026d96b571655852475fa54ab68ae65d7c735becbd6d2c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
30KB

MD5
30490fa46135d3d773e62f99f82e5117

SHA1
dc8d19f917bc955d71e0d9ab8d837eecf870c19f

SHA256
b0e6026962412ee060f4e3913faea6472f736f376030c8b3ab4bd6fc9f36e8d1

SHA512
3d6ccbd583561f0d3c6eed55709d9f93099b7dd83ff580b111f7f42c3d8acd2a3efa6da4c6ec00d9b27601971b43fb4ac27ee6573f47db05e9f26a549ec51de3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\2348e52d6de9218df880d9a88ad6a5d8c2c9555c\a43fb5f2-0890-40d0-abfd-4c65625315a2\index-dir\the-real-index

Filesize
72B

MD5
7e022e888db892133c579ab01ae95948

SHA1
a950d77615660083e6f89eb533c5a5baab1466bc

SHA256
2e17edb047fd06c9fa3e1053ce9b9713d049c75a27885845283e71b8866a7ace

SHA512
15c0f6bcc97d6354b505461c7038e07e672e77e524782da62aa2a689dc1391f20a14aa5154d612e7f4b0f6885eba085969787281cf2450251db58a9578fde41b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\2348e52d6de9218df880d9a88ad6a5d8c2c9555c\a43fb5f2-0890-40d0-abfd-4c65625315a2\index-dir\the-real-index~RFe585d8c.TMP

Filesize
48B

MD5
388e02363061267b1781a039daad43ac

SHA1
0992e987bcc97a987111a21b6989d0589bc85a26

SHA256
2d77f90180c426aa1db8eb9e1672ae4e288872d47cbc383064763a01a12473d6

SHA512
c8d594b6d011a131bced7f7e19f0bb2141ff1e464d1f45548120aa555858e5e1bb7a636efd5bd7855de1b5dc68a40b0ac1d74bc62940ad27157993df1dd09879

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\2348e52d6de9218df880d9a88ad6a5d8c2c9555c\b3c305b6-593d-4945-be3c-badf6d695c53\index-dir\the-real-index

Filesize
72B

MD5
084cb9baacc2c189d48c3fdb20ab90e6

SHA1
d7a91b6ccb8071e7147973b3d6e7de5ef8271d0f

SHA256
b1431e379b308799f5278ef7551f36d88237861fe463c5a56117c502e692ff15

SHA512
0f34f0ae3d069dcdbd79cf478a99899a14402b46a8faffd3c73bbfd69d0680427a22b24f9d78790ee667300e7c4de1d1797fe7e29c9c9fe397b2345a95b711a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\2348e52d6de9218df880d9a88ad6a5d8c2c9555c\b3c305b6-593d-4945-be3c-badf6d695c53\index-dir\the-real-index~RFe585d6d.TMP

Filesize
48B

MD5
b7e23ebccbcceaf5739009e7ad761415

SHA1
6db5b36c6cb6f43231afb6c87b1fbbfc0b732a9c

SHA256
42a4f99e16657e6d08396fd7f041e1e318bb205a3a4c9e30787d4d4ce0b9e1fb

SHA512
7ddb902f56f7814836161640dfbd622526cd26cece7685017f23474640549eea3164f2eafc2d95eae75d108963d3dab1206e55c60afa1c1393688aa84c7444ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\2348e52d6de9218df880d9a88ad6a5d8c2c9555c\f1a2d113-539b-455c-aa83-f4a8ad0b747a\index-dir\the-real-index

Filesize
72B

MD5
0a746874ab747b15dcc04c279cb44c8b

SHA1
966fa7150a39bdd6ca0f1737d90daf77d428dc13

SHA256
98e9ea93e1d6e8866e7857fa9900f181edabf12078b260e42da9683262d1e83f

SHA512
58a1125db795c3396fae529ac6ee8a0aaa0f9ce51f3b5f656ad0133f50aaca249bf3072b37e53189109cb96dbeb8aa357160e3f6a76274824e7f9b140d6537c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\2348e52d6de9218df880d9a88ad6a5d8c2c9555c\f1a2d113-539b-455c-aa83-f4a8ad0b747a\index-dir\the-real-index~RFe583eaa.TMP

Filesize
48B

MD5
d0175e7dd6b932653384aa370da91cb8

SHA1
e864c2752c45ba5d7c30fb45af8171302937405c

SHA256
85e4bb07044a935e7d5bf1b550ccf6905bb4bfd94cfe54738bc4ed7213e35144

SHA512
e664a3400ae38b7ec93fc922f54d04eaabc739b479e4aa933280853571ddf163f2044b305fefa92eab6491b3dde3159322d98293ce6d14cd174eedb4d1176029

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\2348e52d6de9218df880d9a88ad6a5d8c2c9555c\index.txt

Filesize
192B

MD5
93a8797f93c056c79d1604f13fe3f7a8

SHA1
a45ec51b4c37c4499d6e8bc3327fa5cd2557c868

SHA256
7e716b52da0fd1c7e3c6f749882b6845ca6998685b918e6ac69cc015e7ed9f09

SHA512
64cae24998c92e5c1637f8873996c2968964c96b1ad2739b883addfd5a5c800433604f69343422730978e944ece4a7aa1482b709f5fac72d85305a528381586d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\2348e52d6de9218df880d9a88ad6a5d8c2c9555c\index.txt

Filesize
249B

MD5
817bb9a798cb2fef1d70935f0fa79590

SHA1
31393d138cd9e62fde1a0377350d75a52b602b41

SHA256
f5f872e1f3bbf89ef3649437646f49acac0f405432b6c1b525cd731bc24547dc

SHA512
fc5a75cd599b3a0c2aa06c63296270e9aa16da9697caa353fc252d7c522a9b8978d16fbb8ecb5166d72f8db06aa352ee5048e86cbdf2a5699a2ab0b34996260e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\2348e52d6de9218df880d9a88ad6a5d8c2c9555c\index.txt

Filesize
243B

MD5
6201aeb055ab33fdcac842c32e7d6d29

SHA1
6c70483eedf8056f4f01dbe1d04dda64aec29d04

SHA256
3c31171d5ff185c3cc1425f5b51dcac05c7776baee5d2b3e66b4172d492955c9

SHA512
feeed14375a034ef2e92234d3e14de9c870a4094511b0cf6776bfd73cf75d45e754ffba04982205a7c8370c6f9963ccc4145a8a991ebef4356efa2d439da51cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\2348e52d6de9218df880d9a88ad6a5d8c2c9555c\index.txt~RFe57edda.TMP

Filesize
127B

MD5
bb52714b59dba5b33e33f5ae6d39fa95

SHA1
25b941ef639a86e8b0c4134f0ca665419d86ecc6

SHA256
85cc1fa657fda9c1450465871a674323a799ee6e9f02a7e7707fc52d9ca3b62f

SHA512
e1065896135969d04a86bcac9ab0b68d78df323945553482156f692dca84480c08cb72b38a6a42d8f15a6a3c7d9a98df63605c61a0a418d660c5bbdbcdfad07c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
074601333d9ab4d01f9de23016f9d699

SHA1
958d8497db9147cd55b5d7542dc12cbd99d58461

SHA256
87013781b959b0db04af21fc41bdf541a251a28245bd65403d8af5e17848e640

SHA512
471a9d0712b2e5a4bc34cf8b58a9e3a5e5d2033ae0f18d1893488bef787ae28fd7ad8df7f19aeecdb685f4ec85c0318f0bc71df4b7f090f93b6c73e05e6295f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe583ed9.TMP

Filesize
48B

MD5
84c1646e65752b3361094c2a089f1f67

SHA1
5a08bee6d1b6e969ab597389605127cfff8b8de5

SHA256
51f38fded0a6961cbc3a70bc35d9f79415b0ce7c0c39daac9dc7a15dcfd62474

SHA512
57230a0fe437f709bdb04f8f2f496012a314d0f64208ae9d50244849002c71ec3ca821e9d4cb0925722772a3aaf99a69b36a9facd6f0abde4a78b1dc3bb91461

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\e4569f93-631b-49b7-b58c-e9138fb96001.tmp

Filesize
12KB

MD5
9142ab9ebf01eb857ebb86ba3670c2cf

SHA1
79ca06347b6888bf87063f5cdf8877b132d922dc

SHA256
b29ec676142877a474fb35e9f4f5f03e0dab3df8954a5813ae4f0ad4a613dead

SHA512
75a3f9686d692ba9a8e93fa26004737eeda01aa84b1971a7acae8fdfbd7d008b47262a75d79784a56c0a1700f291da7c09ee86f6d0aa6092195d787e214d5094

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
41KB

MD5
ce0abf01174bfa5de8028999d6edf22e

SHA1
bb5627ac4a6505abda6331b1ec06fe4834d6b16d

SHA256
eabc080cc4fb6a30982dd7627a11d737fcff6a51eba9425b87dbaf76e6bb7078

SHA512
88fe141aa0f83d10309491423d1be6be43707b2af54b7cc15041aec84ad396941047036d974cd7341ab0e42ab0ce5cce06c3a8572a26fab6d6605ef58a0d383f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
31KB

MD5
e9213a723d17b8e09ab0e43a306cd90e

SHA1
6c83267aea1f54e6e94338fa5e97e0b11de01c72

SHA256
5e4550262c5cb8949887dca80ffee467e3768bf6dc491d8c0ec142bba8028474

SHA512
12fd3a90cfd0df6d2f88bae1c6d5e130450543420500803f5b047f1e5d8f85b58721b20b17065ad8009bfe391cfa6fbc10b90ae189ddd2930396e6c9fe660121

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache

Filesize
9B

MD5
b6f7a6b03164d4bf8e3531a5cf721d30

SHA1
a2134120d4712c7c629cdceef9de6d6e48ca13fa

SHA256
3d6f3f8f1456d7ce78dd9dfa8187318b38e731a658e513f561ee178766e74d39

SHA512
4b473f45a5d45d420483ea1d9e93047794884f26781bbfe5370a554d260e80ad462e7eeb74d16025774935c3a80cbb2fd1293941ee3d7b64045b791b365f2b63

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

Filesize
2KB

MD5
85abb78f23c9ad19f20fce85516b82f4

SHA1
6c9ecc79c815110061a0a1d6bd408b8a623ec178

SHA256
c05d15f2ab913c4cd350ee53c9d6a638ecbc990829437c5a1d25a02adc09f65e

SHA512
0ca5156a452c69d1d859441e259d83e8ac33534563efc5745a4136cc1c9f6612e032d0a1390b3e64462696888820578af9bed5b60b976de3ad2fef87f639c6db

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit