hxxp://bit[.]ly/3Tge7C0

Analysis

max time kernel
150s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
19/03/2024, 15:29

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

http://bit.ly/3Tge7C0

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
672	msedge.exe
672	msedge.exe
3504	msedge.exe
3504	msedge.exe
1556	identity_helper.exe
1556	identity_helper.exe
5568	msedge.exe
5568	msedge.exe
5568	msedge.exe
5568	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe
3504	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3504 wrote to memory of 4972	3504	msedge.exe	89
PID 3504 wrote to memory of 4972	3504	msedge.exe	89
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 3908	3504	msedge.exe	90
PID 3504 wrote to memory of 672	3504	msedge.exe	91
PID 3504 wrote to memory of 672	3504	msedge.exe	91
PID 3504 wrote to memory of 692	3504	msedge.exe	92
PID 3504 wrote to memory of 692	3504	msedge.exe	92
PID 3504 wrote to memory of 692	3504	msedge.exe	92
PID 3504 wrote to memory of 692	3504	msedge.exe	92
PID 3504 wrote to memory of 692	3504	msedge.exe	92
PID 3504 wrote to memory of 692	3504	msedge.exe	92
PID 3504 wrote to memory of 692	3504	msedge.exe	92
PID 3504 wrote to memory of 692	3504	msedge.exe	92
PID 3504 wrote to memory of 692	3504	msedge.exe	92
PID 3504 wrote to memory of 692	3504	msedge.exe	92
PID 3504 wrote to memory of 692	3504	msedge.exe	92
PID 3504 wrote to memory of 692	3504	msedge.exe	92
PID 3504 wrote to memory of 692	3504	msedge.exe	92
PID 3504 wrote to memory of 692	3504	msedge.exe	92
PID 3504 wrote to memory of 692	3504	msedge.exe	92
PID 3504 wrote to memory of 692	3504	msedge.exe	92
PID 3504 wrote to memory of 692	3504	msedge.exe	92
PID 3504 wrote to memory of 692	3504	msedge.exe	92
PID 3504 wrote to memory of 692	3504	msedge.exe	92
PID 3504 wrote to memory of 692	3504	msedge.exe	92

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://bit.ly/3Tge7C0
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaf96f46f8,0x7ffaf96f4708,0x7ffaf96f4718
  2⤵
  PID:4972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2036,5131511409946869420,569511967994480756,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2
  2⤵
  PID:3908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2036,5131511409946869420,569511967994480756,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2036,5131511409946869420,569511967994480756,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3028 /prefetch:8
  2⤵
  PID:692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5131511409946869420,569511967994480756,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:4172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5131511409946869420,569511967994480756,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:2208
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2036,5131511409946869420,569511967994480756,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5124 /prefetch:8
  2⤵
  PID:2900
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2036,5131511409946869420,569511967994480756,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5124 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5131511409946869420,569511967994480756,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4024 /prefetch:1
  2⤵
  PID:384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5131511409946869420,569511967994480756,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5312 /prefetch:1
  2⤵
  PID:2296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5131511409946869420,569511967994480756,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1
  2⤵
  PID:932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5131511409946869420,569511967994480756,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
  2⤵
  PID:4296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5131511409946869420,569511967994480756,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1
  2⤵
  PID:1892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5131511409946869420,569511967994480756,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3508 /prefetch:1
  2⤵
  PID:384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2036,5131511409946869420,569511967994480756,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2200 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5568

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2320

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1596

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
cbec32729772aa6c576e97df4fef48f5

SHA1
6ec173d5313f27ba1e46ad66c7bbe7c0a9767dba

SHA256
d34331aa91a21e127bbe68f55c4c1898c429d9d43545c3253d317ffb105aa24e

SHA512
425b3638fed70da3bc16bba8b9878de528aca98669203f39473b931f487a614d3f66073b8c3d9bc2211e152b4bbdeceb2777001467954eec491f862912f3c7a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
279e783b0129b64a8529800a88fbf1ee

SHA1
204c62ec8cef8467e5729cad52adae293178744f

SHA256
3619c3b82a8cbdce37bfd88b66d4fdfcd728a1112b05eb26998bea527d187932

SHA512
32730d9124dd28c196bd4abcfd6a283a04553f3f6b050c057264bc883783d30d6602781137762e66e1f90847724d0e994bddf6e729de11a809f263f139023d3b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
480B

MD5
0e515dac7184b4765cffd08e722cc221

SHA1
ed13caf2d7d7d5d2f70f37d0089e5f0bbb1ed174

SHA256
1ade33270eb4699a957afd640e37ecf2383266f3e56c4c8b5cb0d5062e976fdd

SHA512
31084b3d7c8c4a8dd29ed20f86e985809412d9515116c0b3b006939d6184472ced72956f6b412ee1a1ce6c7c8c8f60751bfa31f9ffd072e69d26f2fc659343ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_cassinopix.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
8282adc68130c7af92285e978ec0b379

SHA1
1a072e16442dd96e186c57dafb0e84ea0f2d5fa8

SHA256
681635a44eb9776bbee8d487dfd3b9af3d274e34ad3ab7934025bd73c7c280f2

SHA512
b91577e10d60ffe0553643e880f8077b105b3e750a70678373bc755fb1010b31dca6335ea220ff37b17245e85358895ac5e78cab07d5f0e0fb43a831b0769398

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
b9bae919a6171200ec9902c7a5e92299

SHA1
5d370b2225c02a110516683f4f5a3fa0885f8b2a

SHA256
096047c5dfdbf083281a1ce1de09149983452b2a51465a7c91d316b71be0102c

SHA512
27dbbae7ab477f11a74e260f3f8c55f835ec6a46be976dc9358d9a8d1bdf1fd229c8b6104be4f442df20f07b8993b165fceeb7f1f1bd8d63799b99831e0c6aa0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ab7817487b44e4ef9facbec682ff0985

SHA1
2a4e4cc15d2e4bf7b833833efe31409423184b6c

SHA256
71e2946b9054c3ed0b60bffdb21acde48715874ca988372a37780df86885792c

SHA512
62fd8dac4e9bf718f59be3f06e255183a3c29fd20e268659b2c3b44e6fc82b6ba3a7c5768382e7e34ef061183a6bc92de6641d8b6a75f8493f8b9c6c3ba3a954

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ea55e9cd427fd397e5978aac7d226f70

SHA1
c5d8d10985f5b8b59e0106e9171370fd4b4cf9b2

SHA256
7177bfdfafbb52509beb36c63aea29d57c4f06e89d9c701129cf1bc48a96a7b0

SHA512
b80698c6e2129b4d9d28265bf489640fddcdb291c8ea86f095d2aec7cc43f6ced41e14fcb75069f411be3d7faa82f3dc4d8f0b59b70f7913a41e50d43cffbb51

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4e21b50d0bedcc215cd0621daa29ef73f6d53b3e\28ca5362-c8b1-47d8-b4ac-c703b6871e15\index-dir\the-real-index

Filesize
864B

MD5
f9e99666fc86df32294d96ab04cd4c2d

SHA1
2fdb32eaea026489c0d3ca002a2598bd65308fdb

SHA256
5fef729287675b91f46ef12886ec916beb5ec6112be1807bef1b434a7aaab8b6

SHA512
2f1cd2119ed296fdcbbaa5da2c4433d1e329179ea91f46b54e766260d2b0757148282aa1871bef7441b4618701c33046fc2ecb260cf9d667db1cca9a420c91d3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4e21b50d0bedcc215cd0621daa29ef73f6d53b3e\28ca5362-c8b1-47d8-b4ac-c703b6871e15\index-dir\the-real-index~RFe57bff4.TMP

Filesize
48B

MD5
4c949772285f88a27afab9f0f761b159

SHA1
d695ead1096bff498e3ee16d22af6df04bc8fe22

SHA256
efe2bb9ca0da6cc305fd66f086c8eb274a64d0f2a65372fecb87324b2b679e05

SHA512
644adbd63eac45bf7b64e93ac0ff0ce9b35c60811e9fbb6c18ab62b8321be7e83c099f67b6672dc7c26283b222fe41070bae2a8ea09771ca6a8e6571885c8f4c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4e21b50d0bedcc215cd0621daa29ef73f6d53b3e\a05912ae-080c-4431-8f9d-ef788ceb0d14\index-dir\the-real-index

Filesize
144B

MD5
ef3643c64a444d987f8eaff5a24fb7b0

SHA1
241896c6d33195283dd515dbda32648aca6e37f3

SHA256
d36ea9e24811d3df82d91335c9060cd34e43fb4730866fbcfdaad2f5f3393144

SHA512
61772ef50fae9229993c7eaf9a89ee9996a46cd735e52953c461e924c16a54e60d7ea0e4e88fa1f63155a2a0af922a208b893691dce5d24a6126345cab066e12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4e21b50d0bedcc215cd0621daa29ef73f6d53b3e\a05912ae-080c-4431-8f9d-ef788ceb0d14\index-dir\the-real-index~RFe57c004.TMP

Filesize
48B

MD5
2c519bc065f2439284d592d171614dbe

SHA1
912e77b62d99f3af3ac6afbd40a89df9aa22f224

SHA256
e75234cd867366f13e33983b64286a837b4e5b53041fb3e9bd4f0c92b201bdc1

SHA512
2327657dcb607e1fff480378a076a9f8eb3e46f8eeb1a34037e85f40a5fcf3723e1a04a649fb1ec9a0554f2f907471da02c6853e36a2670de0f75bc8bfcdec27

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4e21b50d0bedcc215cd0621daa29ef73f6d53b3e\index.txt

Filesize
96B

MD5
dd6cf0fbdd8658c3f83750371cfa28d8

SHA1
2376339623294c52f80409fc20cf472d78ada4e8

SHA256
37701ba2afc4846c5790a6a756726c2610a3d7406f8a764056f28976dd2378dc

SHA512
88ce6e61858770eac9f3c4ae389a3c71b6f9c6392a2f61b987da3e75a7ae9845e4c81a86a8b0f2c9c95eb4a71093b209b90c6dab111bcaca3ef6e8c773d79c8e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4e21b50d0bedcc215cd0621daa29ef73f6d53b3e\index.txt

Filesize
170B

MD5
95ac1ba74015a67979d3414ea8bce89a

SHA1
2806c45abd7dfbbeb964db4e7dd554a628746584

SHA256
557f0e0798d68e7b6f2c60e78246a02afd2d67b809588dd65f135e5ffee9d427

SHA512
28e48db873aec1fb96321b7e76ac3bd90c3626ce86d203b80322aeafa49773ec1b73988733dca454d74f597d9e507a8fb4655a128a73f46c1ca0cdf7902e30af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4e21b50d0bedcc215cd0621daa29ef73f6d53b3e\index.txt.tmp

Filesize
168B

MD5
ab87c228c3f34d5902566b2f8191e009

SHA1
ce740f0d223f89bcb9cc188c509bd8dd199934c1

SHA256
6f0db610e143d2c5093f35263ce49d3238e49897b063cf45af6e2a66d98aea05

SHA512
3dbc3171fac9a6809b1c8be34b1cc497ffc634cbcf33dca4cb24b980c4aabe303d7559f00408a3d6a8908980a2855e775e9a32e7cc19d8ec48d631e862a62d56

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
cbfee7f71ce0030c2599ac3fd17cc546

SHA1
f50462fdc76813436cc6eb36eefac0e113008d36

SHA256
4f951ca77ec05f91943e10f8ebc9f22007c00cb254bc1f5da6ab13b3cdd99307

SHA512
ca4cc4eaccb2aa79d7a4a7bb06f6869974b946197da5b4b671757c5f4455dbea5f499605a29d0ffe1c032a3e4609c38a93dd0afa0933b14697ddc64ec70c857e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57bb51.TMP

Filesize
48B

MD5
e9a3ce988a04f07804cadcb9bc427753

SHA1
52393770045d9529ca68a221f1c8a401bea404a9

SHA256
31e6e4bb819c7c462f02fc5a1eb8cdf38a4d88dc67c15788b199cf771e65c01d

SHA512
3242a97b557aae88192e58b2640d94eba345b5f31d810b54c782ff78381fcc7608dff9fdb1e1c2f286ae0b5ec577f74cf03ffcfd1066d2b7b88b71f52f4801a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
cd4790a3f3b9ef9b700c7fa429140888

SHA1
018360cf92cfffed0842e6a1902c123af42f1e28

SHA256
7f44e06938c77874448229787ca208471af86bd99286e5cdc0d25fbf04e754b0

SHA512
7c9569faaf915a6f1db98b69927266927dba973d808449e517ac260c404c46174b1b070d7fd034e2f1ed7a299abeb73d64ec4aeea3c4c41a4ce10881bacaf371

Download Submit