4097847bfd06ec8fd4ba83e1aea76f54f62e1869e6dec310e2d92de9ea0159dd

Analysis

max time kernel
150s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
14-03-2024 03:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c78e104e7b8b0d850ce60488f31c0522.html
Size

432B
MD5

c78e104e7b8b0d850ce60488f31c0522
SHA1

4b7a26e75d78fda71f79b220cb8f8392dd631ab6
SHA256

4097847bfd06ec8fd4ba83e1aea76f54f62e1869e6dec310e2d92de9ea0159dd
SHA512

4235d78a38ca9261cc0bc03ecf3fab1bd1c33a9d83f4d6cb8480c06982d60095d6dd2944452d7c6d879660c3017b372bf4e3b485dd5c68dd4f44747a2e5ea5b8

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2564	msedge.exe
2564	msedge.exe
1716	msedge.exe
1716	msedge.exe
1412	identity_helper.exe
1412	identity_helper.exe
1492	msedge.exe
1492	msedge.exe
1492	msedge.exe
1492	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe
1716	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1716 wrote to memory of 5116	1716	msedge.exe	88
PID 1716 wrote to memory of 5116	1716	msedge.exe	88
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2212	1716	msedge.exe	89
PID 1716 wrote to memory of 2564	1716	msedge.exe	90
PID 1716 wrote to memory of 2564	1716	msedge.exe	90
PID 1716 wrote to memory of 1660	1716	msedge.exe	91
PID 1716 wrote to memory of 1660	1716	msedge.exe	91
PID 1716 wrote to memory of 1660	1716	msedge.exe	91
PID 1716 wrote to memory of 1660	1716	msedge.exe	91
PID 1716 wrote to memory of 1660	1716	msedge.exe	91
PID 1716 wrote to memory of 1660	1716	msedge.exe	91
PID 1716 wrote to memory of 1660	1716	msedge.exe	91
PID 1716 wrote to memory of 1660	1716	msedge.exe	91
PID 1716 wrote to memory of 1660	1716	msedge.exe	91
PID 1716 wrote to memory of 1660	1716	msedge.exe	91
PID 1716 wrote to memory of 1660	1716	msedge.exe	91
PID 1716 wrote to memory of 1660	1716	msedge.exe	91
PID 1716 wrote to memory of 1660	1716	msedge.exe	91
PID 1716 wrote to memory of 1660	1716	msedge.exe	91
PID 1716 wrote to memory of 1660	1716	msedge.exe	91
PID 1716 wrote to memory of 1660	1716	msedge.exe	91
PID 1716 wrote to memory of 1660	1716	msedge.exe	91
PID 1716 wrote to memory of 1660	1716	msedge.exe	91
PID 1716 wrote to memory of 1660	1716	msedge.exe	91
PID 1716 wrote to memory of 1660	1716	msedge.exe	91

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c78e104e7b8b0d850ce60488f31c0522.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff814c546f8,0x7ff814c54708,0x7ff814c54718
  2⤵
  PID:5116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1968,3335173157110583943,12847717449175906340,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
  2⤵
  PID:2212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1968,3335173157110583943,12847717449175906340,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1968,3335173157110583943,12847717449175906340,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2772 /prefetch:8
  2⤵
  PID:1660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,3335173157110583943,12847717449175906340,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3208 /prefetch:1
  2⤵
  PID:2944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,3335173157110583943,12847717449175906340,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:4836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,3335173157110583943,12847717449175906340,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4196 /prefetch:1
  2⤵
  PID:548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,3335173157110583943,12847717449175906340,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4156 /prefetch:1
  2⤵
  PID:2904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,3335173157110583943,12847717449175906340,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5452 /prefetch:1
  2⤵
  PID:3308
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1968,3335173157110583943,12847717449175906340,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3732 /prefetch:8
  2⤵
  PID:4356
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1968,3335173157110583943,12847717449175906340,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3732 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,3335173157110583943,12847717449175906340,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5996 /prefetch:1
  2⤵
  PID:1556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,3335173157110583943,12847717449175906340,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1
  2⤵
  PID:2324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,3335173157110583943,12847717449175906340,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5276 /prefetch:1
  2⤵
  PID:3268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,3335173157110583943,12847717449175906340,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4200 /prefetch:1
  2⤵
  PID:5180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,3335173157110583943,12847717449175906340,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
  2⤵
  PID:5188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,3335173157110583943,12847717449175906340,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2920 /prefetch:1
  2⤵
  PID:5388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,3335173157110583943,12847717449175906340,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4124 /prefetch:1
  2⤵
  PID:1148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,3335173157110583943,12847717449175906340,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
  2⤵
  PID:2504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1968,3335173157110583943,12847717449175906340,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1828 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1492

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4700

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4480

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
47b2c6613360b818825d076d14c051f7

SHA1
7df7304568313a06540f490bf3305cb89bc03e5c

SHA256
47a22bea2e7d0154c59bf5d8790ec68274eb05e9fa6cf0eab0d648121f1a02ac

SHA512
08d2366fc1ce87dbe96b9bf997e4c59c9206fcfea47c1f17b01e79aeb0580f25cac5c7349bb453a50775b2743053446653f4129f835f81f4a8547ca392557aac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e0811105475d528ab174dfdb69f935f3

SHA1
dd9689f0f70a07b4e6fb29607e42d2d5faf1f516

SHA256
c91388c87878a9e2c530c6096dbdd993b0a26fefe8ad797e0133547225032d6c

SHA512
8374a721ea3ff3a1ea70d8a074e5c193dbba27ba7e301f19cea89d648b2378c376e48310c33fe81078cd40b1863daec935e8ac22e8e3878dc3a5bb529d028852

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
db6b41c9f66c0710988aee1c98fe9e3b

SHA1
cda9a7c90d2da35851256aab5c34f51679ea9ece

SHA256
4cd23ffb89f2d0a9ccfd345e27db94005e907b78c62e37b4bfcebb7d9a026720

SHA512
62cfceec7b5f40f546899934207d1ebabe2f68166a0ca41cdadbceb1346b1bca0d12aceb8bc5f7a469230dbb281665422b9e2ee40d9ee308694021c1e48940cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
552B

MD5
79f6153de2b450cbf3ccf26b245f5735

SHA1
31ce398e14b50f0ce30878bb61ca12e941028ea8

SHA256
f2d34d34efd952015f6737db520eefc77fea116600ff19123c6f4ed7ff7975c1

SHA512
4c175e0a2a21f258ee03b7d5fda31d9b1e6be1595facbd3f06694c93c236a09347864dee24f678790ed12a2b4e7cd547a98482651d515b5b3eda07ed81abe624

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\Origins\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_worldfreshjournal.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
18566b66eb8c7a2fbbd5f4a8a90bc343

SHA1
b46904ebddbc5aec6b3fa2fe42e445887c4fb85c

SHA256
c9913533831b735463b58807f238cc71ac238cba5ce85a497c9a3bc1d3c79b19

SHA512
efa10ecf86d3b9c44e6519766396584226dab45b3271e7e7f304c70bf59da0d45111af15688106426d334c913d80fb245913a2d0a5183db145468bcb47588b92

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b44b6615331386d11ffa563751473b65

SHA1
1bd2c0176d3198959a13fa318d83489e883549c4

SHA256
9158a9602fe71f61183a9a8e7c0b639c01a3029a928fac75e7424ccdee80a42e

SHA512
1e47bf30b361bb387b31b0ec37ba504079e119acc8a6f464651deca0f457b3f644f8ab096cdc57a8380e835aa56c68fdaa2dab80adb390fbd0d0e21fff9cd66a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
09a1eaaf7ef38dc5a963e9338f129f2e

SHA1
a9b35667ded5f36f6db2e1b1fe584eb1cf5e1e6e

SHA256
ec621ec9815573452acaa8361fd3f6ea6639cf40b826cd07155fd6f0a6b5b969

SHA512
2abddb8f90bfa36c3931c78976b26e01eafd6dbedf02b3da0f372bce6a78204b979c1566170f461993360394815468d3e8ee044bd679b5ee83353d03c45cf6dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
d52f50b57f61f9085376b54ba82dfa29

SHA1
96c0f766d44cf3d18ee9787edb0f9340855687d6

SHA256
40311a3e801b9d6582545a524742b7ddece60d8142cb524932b443e6f09eac2b

SHA512
f8c1a81f933851fdccb09ad8053b295cdbc68023422180ebe053a54a2cce8b837687a6eb1f482941f55d58d24ba80a8760ef5ed487bc86701c54b5681ce2dda2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
7168cf563dd48d4b2f51775cad8ad782

SHA1
8b02369c82ce275a2b9f76c31076f07f2bf28194

SHA256
ca757297c25dec50b54609e27d311ef61964c793617e7b995a7a34f7cc0181ba

SHA512
1e40e85c22c5eb4503cae813fd52992b5db38f5c3aa026b3d9b3fa7bdad0b1f609628b5769834103eb996cc389b363112d972079a9ef49fa75cda113f64f52d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe578bc5.TMP

Filesize
48B

MD5
e60fae7c569ae39a9fced9684006aac5

SHA1
02a5faf5f063a33b98fdf24e4b7a3d6cc921b0ed

SHA256
63d2c54cc264b07e19ed1a8b06c09062a938292bc54f9ed59088c77878b3bb36

SHA512
b3a3a198adb4d033b4e9ce93c8db96c515e0d00fc0a725d53fc930165a7f7aa1ba10d26903697b70431d310d007c14e33a57eadfafe414471aabc1fcd2f2cf1e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
dd8ba75e96240d66a55665228b3f1a9b

SHA1
7e5f37791cd31aa1998548ad6da8033cc5adb5f1

SHA256
2f7baab69b9dfbf701b3e84d7c7acc6e8188a3f67140d3256780e3bd0d11b78f

SHA512
dcde0cd0bd81ea8bae655369809c1186292e7e0709bf72a0d694b175c3056d27dd33904889c625d4f6c79db570aa25fc9ba45257af023d67f1287c43c582499d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57d2f0.TMP

Filesize
1KB

MD5
119a9c4b833e5b827d20e1d0058b40d1

SHA1
87f8eaa84453cf431668f5f8968dbc570dbd5a63

SHA256
f9bf308377fa2f4cbe37b5043306bcf48bf51cd412abdbf369c4834a5a47ac9e

SHA512
83c2b24413b20fceae20665fc82a74e809b6b1750b30a96e105fc1caa9d8d43ebf0d8cf8411a5c1d53b7ad1a4a18f9a879ecf5fc9feee28eb6afa506a828203f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
4f7b04140635199523e120e6ecd7329f

SHA1
5d8f7da5d4e3c115fa0f8d2ae598c1f89b3446d3

SHA256
8140d26bd01f5288ffb974a098956f69d54d847ceed04e8aec8ce58b3e18dbcc

SHA512
a824890fef52aa9efda79a498ab103ea8635c84ca0feece53f771db9a2520aff37cf6177a517175da93e0f43ff4c15cd7b140e7c924f55b7f619d569049703e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
4ebfb5eb46330cd4240885c81a26dc95

SHA1
bf4bae3353d449534be0ef365dbbd59c5661b722

SHA256
0bcee989b78c5f42e229d56c5d3632b40046e2e8c1313762f86469c37fb2d60f

SHA512
cf33cc8778b923124875ff59dc885133362287543dd289d3674994d2b9596f1a604b618050929e935d349ef9b82c5d792d148d89059b06c63626a7604e16dd42

Download Submit