815f5d7687d688d8ba559489a83179d6914ad14c3be7b6d1ea5fb7bb1e935e5a

Analysis

max time kernel
145s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
14/03/2024, 13:43

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

c8c0772b1515f155ac4ffea040d89944.html
Size

428B
MD5

c8c0772b1515f155ac4ffea040d89944
SHA1

ead8dc52d0d78ac80a8dbf19a49e57611b15149c
SHA256

815f5d7687d688d8ba559489a83179d6914ad14c3be7b6d1ea5fb7bb1e935e5a
SHA512

70c7892cc5ff8b85581b985ebb9cb4e8f57ed333bba2d33179041013e9b53a81b01486b1a7fbcd3a31891b3a56a8a8e4406571e5cfc6d34d5bf89e1acca0defe

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3904	msedge.exe
3904	msedge.exe
2900	msedge.exe
2900	msedge.exe
4720	identity_helper.exe
4720	identity_helper.exe
4436	msedge.exe
4436	msedge.exe
4436	msedge.exe
4436	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe
2900	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2900 wrote to memory of 4928	2900	msedge.exe	85
PID 2900 wrote to memory of 4928	2900	msedge.exe	85
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 452	2900	msedge.exe	86
PID 2900 wrote to memory of 3904	2900	msedge.exe	87
PID 2900 wrote to memory of 3904	2900	msedge.exe	87
PID 2900 wrote to memory of 3076	2900	msedge.exe	88
PID 2900 wrote to memory of 3076	2900	msedge.exe	88
PID 2900 wrote to memory of 3076	2900	msedge.exe	88
PID 2900 wrote to memory of 3076	2900	msedge.exe	88
PID 2900 wrote to memory of 3076	2900	msedge.exe	88
PID 2900 wrote to memory of 3076	2900	msedge.exe	88
PID 2900 wrote to memory of 3076	2900	msedge.exe	88
PID 2900 wrote to memory of 3076	2900	msedge.exe	88
PID 2900 wrote to memory of 3076	2900	msedge.exe	88
PID 2900 wrote to memory of 3076	2900	msedge.exe	88
PID 2900 wrote to memory of 3076	2900	msedge.exe	88
PID 2900 wrote to memory of 3076	2900	msedge.exe	88
PID 2900 wrote to memory of 3076	2900	msedge.exe	88
PID 2900 wrote to memory of 3076	2900	msedge.exe	88
PID 2900 wrote to memory of 3076	2900	msedge.exe	88
PID 2900 wrote to memory of 3076	2900	msedge.exe	88
PID 2900 wrote to memory of 3076	2900	msedge.exe	88
PID 2900 wrote to memory of 3076	2900	msedge.exe	88
PID 2900 wrote to memory of 3076	2900	msedge.exe	88
PID 2900 wrote to memory of 3076	2900	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c8c0772b1515f155ac4ffea040d89944.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe36d246f8,0x7ffe36d24708,0x7ffe36d24718
  2⤵
  PID:4928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,6729645578287919860,2660151900944375505,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
  2⤵
  PID:452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,6729645578287919860,2660151900944375505,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2072,6729645578287919860,2660151900944375505,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2780 /prefetch:8
  2⤵
  PID:3076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6729645578287919860,2660151900944375505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:3460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6729645578287919860,2660151900944375505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:3440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6729645578287919860,2660151900944375505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4260 /prefetch:1
  2⤵
  PID:2176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6729645578287919860,2660151900944375505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
  2⤵
  PID:1912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6729645578287919860,2660151900944375505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3540 /prefetch:1
  2⤵
  PID:4208
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,6729645578287919860,2660151900944375505,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3492 /prefetch:8
  2⤵
  PID:3024
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,6729645578287919860,2660151900944375505,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3492 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6729645578287919860,2660151900944375505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5652 /prefetch:1
  2⤵
  PID:1572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6729645578287919860,2660151900944375505,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1
  2⤵
  PID:4268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6729645578287919860,2660151900944375505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5284 /prefetch:1
  2⤵
  PID:3044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6729645578287919860,2660151900944375505,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4372 /prefetch:1
  2⤵
  PID:2728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6729645578287919860,2660151900944375505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
  2⤵
  PID:2628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6729645578287919860,2660151900944375505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4852 /prefetch:1
  2⤵
  PID:3020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6729645578287919860,2660151900944375505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
  2⤵
  PID:1472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6729645578287919860,2660151900944375505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5644 /prefetch:1
  2⤵
  PID:4004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,6729645578287919860,2660151900944375505,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1716 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4436

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3748

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:832

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4d6e17218d9a99976d1a14c6f6944c96

SHA1
9e54a19d6c61d99ac8759c5f07b2f0d5faab447f

SHA256
32e343d2794af8bc6f2f7c905b5df11d53db4ad8922b92ad5e7cc9c856509d93

SHA512
3fa166b3e2d1236298d8dda7071a6fcf2bde283f181b8b0a07c0bb8ba756d6f55fa8a847ca5286d4dbabc6dace67e842a118866320ac01bd5f93cccd3a032e47

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
552B

MD5
05fc2e9661b0527ccaa92a9109a5c6e7

SHA1
daeff6edf5e294ef5dd9c50f8d29c87826182005

SHA256
e894c3ceaef4c251da9b91ee4d21d67404820ca61abe3f3cdf1a4a42386e78f5

SHA512
321e04d6687d38ff63e4ce55971663011c502dbc8ef2a6288c88175cb9d30b4e9c0af67e8fd253845a6eefef4c1c71296ad9bd8267992eaa6a4bb9bdea08728d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
a7ec9dd2b27b0d6fb259fa1f27f6b638

SHA1
b901cb6136325f9dffd06ad43d9056254931b2bf

SHA256
16052a4841af932d889ed53064e1292b19224a0dd765f6c2a9e7fc4640b93a2e

SHA512
5acf634f420e31ab95259460ce7a2d505fb790a7fe7c170f0fbdb1645257136a54b102e2b2cb9d7659ec5c654b1742b4942fcdf956bcafd774a912df1b604673

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\Origins\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_worldfreshjournal.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
8aa944d889f975d7b2ccbadb57fc2671

SHA1
affe5b8e6375ca5b075c0b380c1f5d53d19efbdd

SHA256
20c8215aa5c5b09371fc12e44a573be5a182cf4a05897ffa93fdf7b015874a4b

SHA512
3b6786156b52840f6347c17a46b4b001c34344af9a9f121beec38f4099ffbfc796e68754f20530b0705d6400f523c9fe2915c68c4e44548afda63f406a4e6907

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
8f4910e4d82b130b02094960c7416932

SHA1
1ee54423c38c432ada18bc49bcffa343bd4b878b

SHA256
7c92d5407b23a5f86ccc2f6654e24665be706cb4811b010c1f3f7c1980021f03

SHA512
9e299cb92ba34dcddb4fc234c9c918dd8db48ec46ef493e660eebf9a44b57a7992aab60331aecb4fdbde422122f9cd7b7ad3a448543422a49ec2ca367d807cd5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
a405f63c30300ebdf51c37d8b35d33c2

SHA1
7c8412b7e082a461738e30bab89900b15eebeb87

SHA256
af0a5ec2f0b3d434cfc98a22b62feb9eeeddc0db986fdc6cc98bb7eb5064e62b

SHA512
bc0415e745e494fe16181e3c5d5b775d391a3d9daa1411f9948886bef56ded4dc24e60c3b0bd856dd4a2f61e4dbacef6e6b9c7017afbb0d972f999dd42d832c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
821610640a7faccc6061981445382782

SHA1
9fc91cc07b62a352e48999ed4c725c60c96e3384

SHA256
8e8dee9cdf0135b786706c1a644faf7a63007f8a59366a553833187b9405fe6d

SHA512
0fa898fda5592dd10feabf48ba272185ad5208d2ba6895f82f38666db8c601471e59295af480e4efb101d974f5ca88efe9a6586e6c1f2472e08df2bfc6301b8d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
92aa0ee33b26e9fad22da653e0299a45

SHA1
eae85df0d9cd5f6a0145cd1e73ad8add5881e3f2

SHA256
baca320ba48e18c96325d2879b5cce9600c9d091a51c52f5bf0ad342021c70d5

SHA512
caf41e42763e104317836dcc8e5e5ebf603b17211f3d56623a87da8bc903d78a23bacdd37ab677fa07c1c0c53ea81d95e77d0bc59a67abead9ef12622b036f6a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
c2ef1d773c3f6f230cedf469f7e34059

SHA1
e410764405adcfead3338c8d0b29371fd1a3f292

SHA256
185450d538a894e4dcf55b428f506f3d7baa86664fbbc67afd6c255b65178521

SHA512
2ef93803da4d630916bed75d678382fd1c72bff1700a1a72e2612431c6d5e11410ced4eaf522b388028aeadb08e8a77513e16594e6ab081f6d6203e4caa7d549

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
bf407e14fb21752ae9897f602652f527

SHA1
abf105b987ddbf0ab9567e4f68f6440d2e86c606

SHA256
95f367bc001f5b214865402dcc7efa39af5b6554254ea496abf7dca95c39f897

SHA512
b70941b8a8de8ace3bbdeeff24d0af56e19c89e5ae38030422d96be9619bbd97f0f70d7672eea8bfc760d9586a8ab2d17b94cc889055cb5045de725ff1a61d78

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57a9ec.TMP

Filesize
48B

MD5
fbf2150c249f9b484b2a514e21657039

SHA1
3dfc2901869a9d5e98fa3c4195965a6c17ba3ebc

SHA256
cfdc3076e4bd3cb3b7f9377590d1ae15b083f0c497622a470505509aee7bff83

SHA512
633607ef1b9db891fe5b410fe701dbef6f450de3750514ea255ca4d032cee23674983f8b52d7cc3913b9aee4119b79879e0098b4c18483f9b44dc375674c8682

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
4224eb8ca95b5178cafddaa125e9c2d1

SHA1
73dd50cd9dde4c1c5e0be70271a38cd6335069ae

SHA256
f420bd982cd5fd2f5529af7cfc33dd4cb9c9cff7017f843f5d0ca3f9287c28bf

SHA512
cd00e6a3847a94cf24866836ffc0a9fa7b8b7520b81c20549b32b091f566b0eed449e25b055cd33d14cc718ed5e126a473b04e9bf0819ffe73a479938280d4f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
06e2443f81b80974c19d3bf700f0fd21

SHA1
773d2600aaa5636fd0481db28a5d21c92766ce48

SHA256
d5da96660f94098de2a612310f2456e8144cdf2c10a6dab00002022a748ee007

SHA512
5cb8af62639b2cc0738bc1ccdef38bfbcec908505cf259f2a046cd9f39e8a3ba45ca5acd747200391387123743cfad1a7be1596488aea9b7b45aa53a4fc872fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
f3f6e033656b3d0826c4816845a28229

SHA1
5bf73db235f9f2aaae6ca7118820100b6c8136de

SHA256
f7aef40fb1e2f80fac449f72616bb73239e21abc92d2145ff04afb5c155eae7c

SHA512
95673c8b6c1692b92672e27d183c854130c3b227b8ae8873f7b39169a969a3dd6a18bff6af1bf8200af348c18859a9fa65ef3aab5317e92395c4f0ae2a3cfd0e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57a894.TMP

Filesize
1KB

MD5
35fd74e0e28217c25a3acc89957332ec

SHA1
af4c6cf354264acaf1860df4d318eebc79304ec1

SHA256
563d8bb107ba4c83d0669acdcfad761d3e0c5645b87b13be15e252bff2691b73

SHA512
34f50c04db3bef73eec62c3543361acc0d0c7d96be4b4dc786352b1ae3f34426063fa05a746c9f967f976ce7a3e76ba19842f6d1938db55dcefb3b044eea14d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
d462417533227c86250f6f764214b695

SHA1
df9ab82babbbec2bf35804f1cbe86e751617a11a

SHA256
32da693654ce74916b3d4a0d720fcc175400a97ac10faf4978f4620bbebe6eab

SHA512
cac8875863338bc8f65c873b32028bcc7a435c772870717fe38f930cf8a493c4df3e8ba1426068cbfda36d0799ee67bb6b45783b57b3723c40f97b4456cb96a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
ddaa96746bd1ffe7f925b20c52a1b743

SHA1
e7648237ff368d58ba1b3c60e654226e7988b640

SHA256
1d7a91ef6affc3e37503be51ffe576fc9d8a3d97d09186953404d1a67689c060

SHA512
ff0b8ce4276600632b2102333a7e073e0d637eaa5597079827701ddab060d2af58c809496fdac8a2e3348ee3b60e5e2e443bfea13f4c77b707ffd59789fa9d1e

Download Submit