Overview

overview

8

Static

static

3

skate.worl...ET.dll

windows7-x64

1

skate.worl...ET.dll

windows10-2004-x64

1

skate.worl...PC.dll

windows7-x64

1

skate.worl...PC.dll

windows10-2004-x64

1

skate.worl...re.dll

windows7-x64

1

skate.worl...re.dll

windows10-2004-x64

1

skate.worl...ms.dll

windows7-x64

1

skate.worl...ms.dll

windows10-2004-x64

1

skate.worl...pf.dll

windows7-x64

skate.worl...pf.dll

windows10-2004-x64

1

skate.worl...on.dll

windows7-x64

1

skate.worl...on.dll

windows10-2004-x64

1

skate.worl....5.exe

windows7-x64

1

skate.worl....5.exe

windows10-2004-x64

1

skate.worl....5.exe

windows7-x64

1

skate.worl....5.exe

windows10-2004-x64

8

skate.worl...es.dll

windows7-x64

1

skate.worl...es.dll

windows10-2004-x64

1

skate.worl...es.dll

windows7-x64

1

skate.worl...es.dll

windows10-2004-x64

1

skate.worl...es.dll

windows7-x64

1

skate.worl...es.dll

windows10-2004-x64

1

skate.worl...es.dll

windows7-x64

1

skate.worl...es.dll

windows10-2004-x64

1

skate.worl...es.dll

windows7-x64

1

skate.worl...es.dll

windows10-2004-x64

1

skate.worl...es.dll

windows7-x64

1

skate.worl...es.dll

windows10-2004-x64

1

skate.worl...es.dll

windows7-x64

1

skate.worl...es.dll

windows10-2004-x64

1

skate.worl...es.dll

windows7-x64

1

skate.worl...es.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10-03-2024 06:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    skate.world/SkateWorld-2.5.exe

  • Size

    346KB

  • MD5

    c6d06872d54963c7a7a4bb15f6cc97e3

  • SHA1

    49ce10cc23154e735e4466c55cbbe511ee170671

  • SHA256

    5d0c21df3bcf375e740a3f5462a518d656ca9cf4f31898379d4046b38cdd3a44

  • SHA512

    f8dea053b0ec0528e8ae741d3e6d2402a28792a8080efa4a98e83afd43ff4fdf45a02f7fd655187f914949c80d34d9c1ea6739087ed94b2fc93ae96ca7da482c

  • SSDEEP

    3072:qIl9mTYDNDK36o4zEsb3q3BIIi4bZIYl/I8SlrYoHfMGN2CwLVXcbDbTD2EDKPmf:qIvK36o44QadTWYl/IdtFHEs9jbTiW

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 32 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\skate.world\SkateWorld-2.5.exe
    "C:\Users\Admin\AppData\Local\Temp\skate.world\SkateWorld-2.5.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5076
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://aka.ms/dotnet-core-applaunch?framework=Microsoft.NETCore.App&framework_version=7.0.0&arch=x64&rid=win-x64&os=win10&gui=true
      2⤵
      • Enumerates system info in registry
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
      PID:4944
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff8e4b646f8,0x7ff8e4b64708,0x7ff8e4b64718
        3⤵
          PID:2108
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2008,3932785830354748742,9767073280126155369,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2076 /prefetch:2
          3⤵
            PID:388
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2008,3932785830354748742,9767073280126155369,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 /prefetch:3
            3⤵
            • Suspicious behavior: EnumeratesProcesses
            PID:1756
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2008,3932785830354748742,9767073280126155369,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2912 /prefetch:8
            3⤵
              PID:756
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,3932785830354748742,9767073280126155369,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
              3⤵
                PID:2936
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,3932785830354748742,9767073280126155369,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
                3⤵
                  PID:1268
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,3932785830354748742,9767073280126155369,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5108 /prefetch:1
                  3⤵
                    PID:2856
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2008,3932785830354748742,9767073280126155369,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5448 /prefetch:8
                    3⤵
                      PID:4000
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,3932785830354748742,9767073280126155369,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5384 /prefetch:1
                      3⤵
                        PID:4348
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2008,3932785830354748742,9767073280126155369,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5928 /prefetch:8
                        3⤵
                          PID:2292
                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2008,3932785830354748742,9767073280126155369,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5580 /prefetch:8
                          3⤵
                            PID:884
                          • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2008,3932785830354748742,9767073280126155369,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5580 /prefetch:8
                            3⤵
                            • Suspicious behavior: EnumeratesProcesses
                            PID:2808
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,3932785830354748742,9767073280126155369,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5984 /prefetch:1
                            3⤵
                              PID:4652
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,3932785830354748742,9767073280126155369,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5952 /prefetch:1
                              3⤵
                                PID:1228
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,3932785830354748742,9767073280126155369,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5616 /prefetch:1
                                3⤵
                                  PID:5196
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,3932785830354748742,9767073280126155369,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6348 /prefetch:1
                                  3⤵
                                    PID:5428
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,3932785830354748742,9767073280126155369,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6428 /prefetch:1
                                    3⤵
                                      PID:5436
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,3932785830354748742,9767073280126155369,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3160 /prefetch:1
                                      3⤵
                                        PID:5168
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2008,3932785830354748742,9767073280126155369,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6736 /prefetch:2
                                        3⤵
                                        • Suspicious behavior: EnumeratesProcesses
                                        PID:404
                                  • C:\Windows\System32\CompPkgSrv.exe
                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                    1⤵
                                      PID:3924
                                    • C:\Windows\System32\CompPkgSrv.exe
                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                      1⤵
                                        PID:3708

                                      Network

                                      MITRE ATT&CK Enterprise v15

                                      Replay Monitor

                                      Loading Replay Monitor...

                                      Downloads

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                        Filesize

                                        152B

                                        MD5

                                        9ffb5f81e8eccd0963c46cbfea1abc20

                                        SHA1

                                        a02a610afd3543de215565bc488a4343bb5c1a59

                                        SHA256

                                        3a654b499247e59e34040f3b192a0069e8f3904e2398cbed90e86d981378e8bc

                                        SHA512

                                        2d21e18ef3f800e6e43b8cf03639d04510433c04215923f5a96432a8aa361fdda282cd444210150d9dbf8f028825d5bc8a451fd53bd3e0c9528eeb80d6e86597

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                        Filesize

                                        152B

                                        MD5

                                        e1b45169ebca0dceadb0f45697799d62

                                        SHA1

                                        803604277318898e6f5c6fb92270ca83b5609cd5

                                        SHA256

                                        4c0224fb7cc26ccf74f5be586f18401db57cce935c767a446659b828a7b5ee60

                                        SHA512

                                        357965b8d5cfaf773dbd9b371d7e308d1c86a6c428e542adbfe6bac34a7d2061d0a2f59e84e5b42768930e9b109e9e9f2a87e95cf26b3a69cbff05654ee42b4e

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\7e8eacba-041b-4cd5-bf0e-31c16f37b0d2.tmp
                                        Filesize

                                        6KB

                                        MD5

                                        d3d69ed61b5502199e77ecc859eb32e2

                                        SHA1

                                        b8653ef5259f9d6501deecedf110c73f46248a36

                                        SHA256

                                        ec1297ade98addf4ff47e8577e5504fafe8c7fcf69ad423c0c077211bc041be6

                                        SHA512

                                        8277b79cdb57891757dc7225dcfc80bc789b53046e4eda6f4cfa3c36618d672615a7a68d8f38f6cb9979b9b045ef76414903cc1a20fde2ceaaa7a194343d319b

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                        Filesize

                                        384B

                                        MD5

                                        32cc0924bc7741e7702b06217846fe7d

                                        SHA1

                                        2e273f5b747114fdd10e346dc19ad1556d10d2d4

                                        SHA256

                                        4d590f7be8b4290afe6e8b7c7f1639ef6db4f2949b89a76294e36c5ea6b10ec8

                                        SHA512

                                        d468a3b2efc06b309b22ae0b7bedde772497ad35a3ea3349e9cac03c098a96712683ebffe77586c3c13ab3a20de779856c8333d8a4ea8ba2d88c51889346d2c4

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                        Filesize

                                        111B

                                        MD5

                                        285252a2f6327d41eab203dc2f402c67

                                        SHA1

                                        acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

                                        SHA256

                                        5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

                                        SHA512

                                        11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                        Filesize

                                        1002B

                                        MD5

                                        033d21c34116fde225add349dbeb54b7

                                        SHA1

                                        9aa4a60a6c9219fff25e4f9ae09a50f87ab7d097

                                        SHA256

                                        6f6f9e269d740e8f72781a434103dacc33027279c8a096abdde602e4f2c090e1

                                        SHA512

                                        637d8e4cbf5c3d8664c71fb45c62c3bcf7147dd2f213ee3d1a4cd7e240d9f6e45212ced9fda65718419ae336f6b2fd3e3e41140b5bab844db0c1472a76d339cb

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                        Filesize

                                        6KB

                                        MD5

                                        bdd7f11030853c7324cd6beea49d5100

                                        SHA1

                                        663d09a642024b4f1318fdc9a9e277bccf9d1530

                                        SHA256

                                        9a879aba3e1df1af8f9ad63933fca2741f02f0d55bcc5620230d88be9ddd1e98

                                        SHA512

                                        3c25d5be9d24cbeea052943f44858208e9c4887f87a16e7eab8e05d238fcd663255a79a71d6a92771fb1b951ecb74fe91883dd283bf906139c0690c07c70206d

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                        Filesize

                                        6KB

                                        MD5

                                        f0e02e7f3b3b75405215a43c4535f13b

                                        SHA1

                                        6827d508ef34a876104a67a640e0a5a4ee651438

                                        SHA256

                                        746e3ecbfcfd577ead929accae616e739b52661699910a0c011d3bd998f66427

                                        SHA512

                                        f836dcd4c376fe6d1aff4fcd2ca43463ce70c0e039a74df999278648e9a5b5f705b22c4d0da9ffc525638ca0496f0ba60dca7afbec466871127031aad8a2f396

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                        Filesize

                                        539B

                                        MD5

                                        337004f90f4331d1c919bd48d245d11a

                                        SHA1

                                        4dd9f78131b1c0324926df506b9b098bd9301ce8

                                        SHA256

                                        f6746c26d5574bea375e250d98be46684adc8d53e2e1c8b1e348adbfcf0e383f

                                        SHA512

                                        531b12efd4dc8c4e759f606621c54947856e9e292aca9fcda9d62f08b5e552461e299847b4462e8f7075996ff15a0bdc4c9f4764cc6fe75981c709d903b024c0

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                        Filesize

                                        707B

                                        MD5

                                        a0a59899282092d0d2bffa2bd4b394a9

                                        SHA1

                                        11f1e35812a5270fa8e73999f56cb67f3b2b5f9c

                                        SHA256

                                        b40232a227bb35d58ce872bc0f614224744cb43fd17c29318b2ef1392ccced8f

                                        SHA512

                                        c37360b79a3c5fb7aec8e79b481b5aee6a1a6e70e2bb6437a5ba73e6f771af80b39a696f4cada2dcc526d766a1c536b90d5cacd5a2ed00a6cdca3d5e5104083f

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                        Filesize

                                        707B

                                        MD5

                                        69825c2c8c49755d14fc272863fb9336

                                        SHA1

                                        271938166d766b73929b929988a6aab05fc136cf

                                        SHA256

                                        b2117b470e5b459a50ac3caebcef3a696cb9b210868888828c84e66687614784

                                        SHA512

                                        66347153e01ab0588058bc7157c9724443d8169d573afa8a0534ab14e9c82b234980a3e9db58228054355b7110075f36186312e4c306775a18c241fe242d532b

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57c285.TMP
                                        Filesize

                                        371B

                                        MD5

                                        74b2b8d2507be3aae895687a2129720f

                                        SHA1

                                        52637cd5aae4cef4a4bc171510d0683c34dcdb19

                                        SHA256

                                        061e9148767b1125c0524513032ab1a0d6dffd0c57dfd5c46dd1ececb89fcc50

                                        SHA512

                                        84f45c67ceb6886cba5b87455065b9fa69f7963fb4de882244ca441f307a307fd062160c26242936b0a53669df2bd5c4090f01fb0c274c6151ea2fc5a301b1ce

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                        Filesize

                                        16B

                                        MD5

                                        6752a1d65b201c13b62ea44016eb221f

                                        SHA1

                                        58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                        SHA256

                                        0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                        SHA512

                                        9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                        Filesize

                                        11KB

                                        MD5

                                        937cd9d1dbd1c1f8cae1a3fdeca7c676

                                        SHA1

                                        1ff031c8e42dcb43de554ff8f2f7ba987f4f1509

                                        SHA256

                                        515ed2dff1dff9eefc41c4bb7d1a26515957195c632ee8845874d98c3e215b31

                                        SHA512

                                        056a847fbb3a151cab6e84d219fc7ec709ede9da2748828a2380118fa82964baebdbd7c8aba1de28ad599d0bc4de000f13cedb4cedd13915e2e3d71542c6ba66

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                        Filesize

                                        11KB

                                        MD5

                                        47f18ce074e612eb49e694401ed84efd

                                        SHA1

                                        699bf0108f56883dfcbecde6068c9bbe42eeb56d

                                        SHA256

                                        67f71728f2c57a81e58fbb7fb064896297b91d7e24038c5af1f0a0a494c3093f

                                        SHA512

                                        b7537f7f3f4679204bf41e3044e975d3c3acf7c9600ba9c74f19f5a7bd7ca9a5c2020737182500e8be01701ec6ef34307afb269909fc3de23981e087c28bc3c5

                                        Download Submit

                                      • \??\pipe\LOCAL\crashpad_4944_CSXCLYBJJNMQHUZA
                                        MD5

                                        d41d8cd98f00b204e9800998ecf8427e

                                        SHA1

                                        da39a3ee5e6b4b0d3255bfef95601890afd80709

                                        SHA256

                                        e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        SHA512

                                        cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

                                        Download Submit