Overview

overview

1

Static

static

1

verify.html

windows7-x64

1

verify.html

windows10-2004-x64

1

Resubmissions

10-03-2024 09:03

240310-kz851shd4x 1

10-03-2024 08:54

240310-kvdtbagh54 1

Analysis

  • max time kernel
    145s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10-03-2024 09:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    verify.html

  • Size

    17KB

  • MD5

    2e33c8c07846bc51f8e5465c45115b9c

  • SHA1

    5f110febddaf4f0705f4bbbf3e9140a89964c3c2

  • SHA256

    7ce00ea4bdff1ef8710db092aaf1fd07411373a2ee62e8f29681ff6cb9865ead

  • SHA512

    3f31b973cbccc40e3759e72420a5953aab756b5542d24533fc59c9d003375ac00288bcf666118ca66a0862220f2bed50fbfc7e7c1b25e4deccd0e857ba3e9478

  • SSDEEP

    192:PNx5Ssv99qXoqTJkNr423pWKcMQWx6pR89K3kdcBhHwvRrXVdYy1sN:5Ssl9qYoJkN0VMQo79GrHwvRrXrKN

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 22 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\verify.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3584
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff99c9f46f8,0x7ff99c9f4708,0x7ff99c9f4718
      2⤵
        PID:2840
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2072 /prefetch:2
        2⤵
          PID:4472
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:2024
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2728 /prefetch:8
          2⤵
            PID:1776
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
            2⤵
              PID:3708
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
              2⤵
                PID:4124
              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5200 /prefetch:8
                2⤵
                  PID:2084
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5200 /prefetch:8
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:2832
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4908 /prefetch:1
                  2⤵
                    PID:1324
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4776 /prefetch:1
                    2⤵
                      PID:4660
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
                      2⤵
                        PID:5148
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4692 /prefetch:1
                        2⤵
                          PID:5156
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1
                          2⤵
                            PID:5832
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6084 /prefetch:1
                            2⤵
                              PID:6004
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3576 /prefetch:1
                              2⤵
                                PID:2032
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3916 /prefetch:1
                                2⤵
                                  PID:4612
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2308 /prefetch:1
                                  2⤵
                                    PID:1852
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1
                                    2⤵
                                      PID:5296
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2272 /prefetch:1
                                      2⤵
                                        PID:5488
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
                                        2⤵
                                          PID:1160
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3888 /prefetch:1
                                          2⤵
                                            PID:4560
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1
                                            2⤵
                                              PID:3140
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4652 /prefetch:1
                                              2⤵
                                                PID:5876
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3924 /prefetch:1
                                                2⤵
                                                  PID:5444
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6056 /prefetch:1
                                                  2⤵
                                                    PID:2784
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
                                                    2⤵
                                                      PID:5208
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2128 /prefetch:1
                                                      2⤵
                                                        PID:1476
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3564 /prefetch:1
                                                        2⤵
                                                          PID:5668
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,15069458877423392987,14002334915576789593,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2272 /prefetch:2
                                                          2⤵
                                                          • Suspicious behavior: EnumeratesProcesses
                                                          PID:3888
                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                        1⤵
                                                          PID:1028
                                                        • C:\Windows\System32\CompPkgSrv.exe
                                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                          1⤵
                                                            PID:4824
                                                          • C:\Windows\system32\rundll32.exe
                                                            "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
                                                            1⤵
                                                              PID:2280
                                                            • C:\Windows\System32\svchost.exe
                                                              C:\Windows\System32\svchost.exe -k UnistackSvcGroup
                                                              1⤵
                                                              • Suspicious use of AdjustPrivilegeToken
                                                              PID:5612

                                                            Network

                                                            MITRE ATT&CK Enterprise v15

                                                            Replay Monitor

                                                            Loading Replay Monitor...

                                                            Downloads

                                                            • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
                                                              Filesize

                                                              16KB

                                                              MD5

                                                              2cc28d60210819d5a6363b82eea1acde

                                                              SHA1

                                                              d4d1f1a17921611a776b3c9a4bd1bc3cf6053961

                                                              SHA256

                                                              c8efe9226d3cc3932483be3e7846fa3c387723d6da37910a20479c69d4859338

                                                              SHA512

                                                              f07e06562f85f8851540cc6fa33f1a502804471cf2d1b720c203ce8a47f413dd2d6c67f89f0fe10bb5508b6623a91f4d14a38f2499d5ae896818ff3c6827f175

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                              Filesize

                                                              152B

                                                              MD5

                                                              47b2c6613360b818825d076d14c051f7

                                                              SHA1

                                                              7df7304568313a06540f490bf3305cb89bc03e5c

                                                              SHA256

                                                              47a22bea2e7d0154c59bf5d8790ec68274eb05e9fa6cf0eab0d648121f1a02ac

                                                              SHA512

                                                              08d2366fc1ce87dbe96b9bf997e4c59c9206fcfea47c1f17b01e79aeb0580f25cac5c7349bb453a50775b2743053446653f4129f835f81f4a8547ca392557aac

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                              Filesize

                                                              152B

                                                              MD5

                                                              e0811105475d528ab174dfdb69f935f3

                                                              SHA1

                                                              dd9689f0f70a07b4e6fb29607e42d2d5faf1f516

                                                              SHA256

                                                              c91388c87878a9e2c530c6096dbdd993b0a26fefe8ad797e0133547225032d6c

                                                              SHA512

                                                              8374a721ea3ff3a1ea70d8a074e5c193dbba27ba7e301f19cea89d648b2378c376e48310c33fe81078cd40b1863daec935e8ac22e8e3878dc3a5bb529d028852

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001
                                                              Filesize

                                                              28KB

                                                              MD5

                                                              ec07ec9529f1e042a96e04f891d81a3d

                                                              SHA1

                                                              f987ee512dc69721a8f2994df82b6362f0dc5786

                                                              SHA256

                                                              d98f9835f3e5f050b96608928fd8fb2bad0c2085342c7ea246277bda6bfff371

                                                              SHA512

                                                              d79d501e4ceaa15e0c02951453ca657cca0cb5b11372ee2602105ba6dde0032611643b014f919d0fc09dadedc60c4e761eec76e4bacdbf9709e586d3df1f0675

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
                                                              Filesize

                                                              80KB

                                                              MD5

                                                              14e39be019da848a73da7658165674cb

                                                              SHA1

                                                              e016473c4189a8cc3dbff754a48b3e42d68af25a

                                                              SHA256

                                                              39595a1806156cfcadf3cc4e20c5c3f3eec721386a0551790a15f025ba9402bd

                                                              SHA512

                                                              828a383de549871aa80ec960a7e371ef47da96d01ebb9628d1484ceed9eb698aec5109b3de0b24ff8000610a2c2d633616c9fd28d380656fecbaa930cffed029

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                              Filesize

                                                              144B

                                                              MD5

                                                              a1663cadb0a8840a87d66680e7d176cf

                                                              SHA1

                                                              92ced1e498469391ebe6af1daabec8007e46c9a2

                                                              SHA256

                                                              1980bd7f5a72191b216f38bffee9d8e79af8cadae4480eb309e572ccedc1b1d1

                                                              SHA512

                                                              ba7fc573adf413d18f1f05fa025267b96a86333c46e1e7fb9eca091ab5e2e770e1c9eaf387b525969e73b93a7d5e2f116715ae95e2e4a52d8dd4a15910b0270f

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                              Filesize

                                                              833B

                                                              MD5

                                                              b0131e87eb48ed3c9f90ef0781833f27

                                                              SHA1

                                                              2353ffb1ad03277cef415635edbb512d681dac15

                                                              SHA256

                                                              f0c207bf7ef7afaa206c77d6aeb193a7776bda2ecef37b1fc4aed10aa36d282b

                                                              SHA512

                                                              91b99d387190fcdfce9e3ff183998f944b9328ac2a7ec640c6fcd2c5df6c1cd378a3bbade32beb64020c7e44d15a62e837d98695574bef1d7e5615de6603ffaa

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                              Filesize

                                                              6KB

                                                              MD5

                                                              f9b5fc36d041739ca8a6ef318621d288

                                                              SHA1

                                                              136aa8501e816d867c6b1623d9a3af59fd2b0972

                                                              SHA256

                                                              d4ed2e5ee9aa9f5e1f5d95332d08b9feeec496299bf7b73c5a08d22fb7b36010

                                                              SHA512

                                                              dde553853643059d734e6f207cf666371bb817884e27953cd2b211636dfcf0da387b972b44f17887a914a625130c6b31f4adbd3171e5e0dbafaf125ed4aedaa0

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                              Filesize

                                                              6KB

                                                              MD5

                                                              d79f45febfa8bcd054aff22697d81a94

                                                              SHA1

                                                              8c9dd6a1ca0bb92f147a0828332fc43d22521129

                                                              SHA256

                                                              ecdb020641cf392a1f82908d4c183ccc30293448c0e8ede104065b0342669034

                                                              SHA512

                                                              c9c427180661119383a5a8997ae8d124647d9937df6e7297d75f06484ed7e3f701162a75be5c1b698de703f5cb5be14396c3506977970767c96905abc0aaa40a

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                              Filesize

                                                              6KB

                                                              MD5

                                                              c52bc57f29a3b582bf6ca6b9b9710551

                                                              SHA1

                                                              22aaa02ac7074eb24fd5b19f9da0ef7a6c917687

                                                              SHA256

                                                              00d741b44035c1a3e07e6406ff5b4ac101044ff066bea61ec8376dced9e259ee

                                                              SHA512

                                                              85116384f05036d0f8a8e96f01b6ee37eb569e253b198634079ba28fd3440b45f4752df268b97bb8f956ce6df4aaf0a03647cd7fa3fb07468d4263e402a34836

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                              Filesize

                                                              7KB

                                                              MD5

                                                              e2db38925fd5a43adbd2e5569344b2a1

                                                              SHA1

                                                              0b432bd76359e4de59526e1077b9563b0f1a8adc

                                                              SHA256

                                                              6f1625fed213f0eab1e0a9ee35491bad679e8b5545e181cc50a837e0e3447499

                                                              SHA512

                                                              864cd61d958997dff28f31eeee0c574188f84c180cccecc46deea826ecf022192d4f4f65c3eb3fe7d7c6af13efaff3fd18e8d721757d783a9d9093756db994dc

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                              Filesize

                                                              371B

                                                              MD5

                                                              5527baea78e5255cd9b863abc89629f4

                                                              SHA1

                                                              c433eba1aee8f8bd80f7ca494334850329541067

                                                              SHA256

                                                              b82ba643cb0ce10e364867054851d0cf12ee632570faa7bad94240b54527c2cb

                                                              SHA512

                                                              c243590cada49a153a0cc2d31aee644895a1af971343ac209587a2b6541877c69d6d6a169dc0c0b02ac47122ef18a01521bc3cdb4a34891475cbb4dd011e5387

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                              Filesize

                                                              371B

                                                              MD5

                                                              2d2901573cb0e2668d2c53d93759e6aa

                                                              SHA1

                                                              06a50eeaaada2293b4c69607a44e8ffee24a1c9f

                                                              SHA256

                                                              447b5c69df2d3cbee62c67057480c895b31384d36c039bf20a908152f79aa8e7

                                                              SHA512

                                                              62fd73d3e3ba5513bcb003428dd77adc53b7da59f0319185ac4d51c5718a484ff77f4ccc063e562e8464bfca5d47ce062fe3a51cb8a9162e74c1e7f54f2cee37

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5837c4.TMP
                                                              Filesize

                                                              371B

                                                              MD5

                                                              93f986fab4d9544709ea5bab563c896c

                                                              SHA1

                                                              ab83644a1f325ed9238b4ad9b169f2f3ddf84262

                                                              SHA256

                                                              a181b595545af3dbc8687158492f3190315de058ede9b1873f3a2ae6054cb4a8

                                                              SHA512

                                                              ee2f8edfbd06238c6d859fdc943f617cca8ea8d68b8ba07aaaab25d8b4e19dfa4b7d440d7b4b9f7355a8f766440516f32b812053c42143ae0bd2fcd02d5206eb

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                              Filesize

                                                              16B

                                                              MD5

                                                              6752a1d65b201c13b62ea44016eb221f

                                                              SHA1

                                                              58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                              SHA256

                                                              0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                              SHA512

                                                              9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                              Filesize

                                                              11KB

                                                              MD5

                                                              4a1852f515e0249d0b69444aee9eb6f1

                                                              SHA1

                                                              4d9cb29db4b20a31a3902e0d7e36d5fbfc19c9f6

                                                              SHA256

                                                              052848546cb8db95a5ff64da5834f6f519e5a46e43389a3f46bb504eacc5a5a1

                                                              SHA512

                                                              50823109c7983315c860d2db8d87f7043f53e4ce6a836ec2242c5db4ff6d0183c2e3913c31bb3b57f78c8c0259d77ffc0ba4a69e6d8a939d3ef4b833517668f0

                                                              Download Submit

                                                            • memory/5612-242-0x000001662ECE0000-0x000001662ECE1000-memory.dmp

                                                              Filesize

                                                              4KB

                                                              Download

                                                            • memory/5612-252-0x000001662ED00000-0x000001662ED01000-memory.dmp

                                                              Filesize

                                                              4KB

                                                              Download

                                                            • memory/5612-243-0x000001662ED00000-0x000001662ED01000-memory.dmp

                                                              Filesize

                                                              4KB

                                                              Download

                                                            • memory/5612-245-0x000001662ED00000-0x000001662ED01000-memory.dmp

                                                              Filesize

                                                              4KB

                                                              Download

                                                            • memory/5612-244-0x000001662ED00000-0x000001662ED01000-memory.dmp

                                                              Filesize

                                                              4KB

                                                              Download

                                                            • memory/5612-246-0x000001662ED00000-0x000001662ED01000-memory.dmp

                                                              Filesize

                                                              4KB

                                                              Download

                                                            • memory/5612-247-0x000001662ED00000-0x000001662ED01000-memory.dmp

                                                              Filesize

                                                              4KB

                                                              Download

                                                            • memory/5612-248-0x000001662ED00000-0x000001662ED01000-memory.dmp

                                                              Filesize

                                                              4KB

                                                              Download

                                                            • memory/5612-249-0x000001662ED00000-0x000001662ED01000-memory.dmp

                                                              Filesize

                                                              4KB

                                                              Download

                                                            • memory/5612-250-0x000001662ED00000-0x000001662ED01000-memory.dmp

                                                              Filesize

                                                              4KB

                                                              Download

                                                            • memory/5612-251-0x000001662ED00000-0x000001662ED01000-memory.dmp

                                                              Filesize

                                                              4KB

                                                              Download

                                                            • memory/5612-210-0x0000016626640000-0x0000016626650000-memory.dmp

                                                              Filesize

                                                              64KB

                                                              Download

                                                            • memory/5612-253-0x000001662E930000-0x000001662E931000-memory.dmp

                                                              Filesize

                                                              4KB

                                                              Download

                                                            • memory/5612-254-0x000001662E920000-0x000001662E921000-memory.dmp

                                                              Filesize

                                                              4KB

                                                              Download

                                                            • memory/5612-256-0x000001662E930000-0x000001662E931000-memory.dmp

                                                              Filesize

                                                              4KB

                                                              Download

                                                            • memory/5612-259-0x000001662E920000-0x000001662E921000-memory.dmp

                                                              Filesize

                                                              4KB

                                                              Download

                                                            • memory/5612-262-0x000001662E860000-0x000001662E861000-memory.dmp

                                                              Filesize

                                                              4KB

                                                              Download

                                                            • memory/5612-226-0x0000016626740000-0x0000016626750000-memory.dmp

                                                              Filesize

                                                              64KB

                                                              Download

                                                            • memory/5612-274-0x000001662EA60000-0x000001662EA61000-memory.dmp

                                                              Filesize

                                                              4KB

                                                              Download

                                                            • memory/5612-276-0x000001662EA70000-0x000001662EA71000-memory.dmp

                                                              Filesize

                                                              4KB

                                                              Download

                                                            • memory/5612-277-0x000001662EA70000-0x000001662EA71000-memory.dmp

                                                              Filesize

                                                              4KB

                                                              Download

                                                            • memory/5612-278-0x000001662EB80000-0x000001662EB81000-memory.dmp

                                                              Filesize

                                                              4KB

                                                              Download