c8897570a5f1aa7777767ef584f47600df4f05f9e782f77ea9e074cc41c3923a

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
20/03/2024, 02:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d7b752ce3f2ed981aeda1f2ea7140772.html
Size

87KB
MD5

d7b752ce3f2ed981aeda1f2ea7140772
SHA1

1ab747d7756d18c8338b5f88ed3c4a64f9bdc150
SHA256

c8897570a5f1aa7777767ef584f47600df4f05f9e782f77ea9e074cc41c3923a
SHA512

b07dbc49c10d21639f0476ca7e6e2469aaa78b4c0c46e3592051ecbae6463597cd775f748e21208d83d27f16aa65ec20df5a799466cf2202b84802ed5f44792a
SSDEEP

768:ekH9Z/BzCUDLgP8d7ODoS2Vnwqz+jKFe1wK3u4d1i9f:eG/BzCUDLgP8d7ODoS2VngKFRKC

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3684	msedge.exe
3684	msedge.exe
4884	msedge.exe
4884	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
532	identity_helper.exe
532	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4884 wrote to memory of 620	4884	msedge.exe	89
PID 4884 wrote to memory of 620	4884	msedge.exe	89
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 4000	4884	msedge.exe	90
PID 4884 wrote to memory of 3684	4884	msedge.exe	91
PID 4884 wrote to memory of 3684	4884	msedge.exe	91
PID 4884 wrote to memory of 4672	4884	msedge.exe	92
PID 4884 wrote to memory of 4672	4884	msedge.exe	92
PID 4884 wrote to memory of 4672	4884	msedge.exe	92
PID 4884 wrote to memory of 4672	4884	msedge.exe	92
PID 4884 wrote to memory of 4672	4884	msedge.exe	92
PID 4884 wrote to memory of 4672	4884	msedge.exe	92
PID 4884 wrote to memory of 4672	4884	msedge.exe	92
PID 4884 wrote to memory of 4672	4884	msedge.exe	92
PID 4884 wrote to memory of 4672	4884	msedge.exe	92
PID 4884 wrote to memory of 4672	4884	msedge.exe	92
PID 4884 wrote to memory of 4672	4884	msedge.exe	92
PID 4884 wrote to memory of 4672	4884	msedge.exe	92
PID 4884 wrote to memory of 4672	4884	msedge.exe	92
PID 4884 wrote to memory of 4672	4884	msedge.exe	92
PID 4884 wrote to memory of 4672	4884	msedge.exe	92
PID 4884 wrote to memory of 4672	4884	msedge.exe	92
PID 4884 wrote to memory of 4672	4884	msedge.exe	92
PID 4884 wrote to memory of 4672	4884	msedge.exe	92
PID 4884 wrote to memory of 4672	4884	msedge.exe	92
PID 4884 wrote to memory of 4672	4884	msedge.exe	92

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\d7b752ce3f2ed981aeda1f2ea7140772.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd3ba746f8,0x7ffd3ba74708,0x7ffd3ba74718
  2⤵
  PID:620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2212,10634661690231019859,3448908045320974790,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2220 /prefetch:2
  2⤵
  PID:4000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2212,10634661690231019859,3448908045320974790,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1512 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2212,10634661690231019859,3448908045320974790,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2844 /prefetch:8
  2⤵
  PID:4672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,10634661690231019859,3448908045320974790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:4788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,10634661690231019859,3448908045320974790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:3200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,10634661690231019859,3448908045320974790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5276 /prefetch:1
  2⤵
  PID:4028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2212,10634661690231019859,3448908045320974790,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4872 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,10634661690231019859,3448908045320974790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
  2⤵
  PID:4308
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2212,10634661690231019859,3448908045320974790,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5964 /prefetch:8
  2⤵
  PID:2552
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2212,10634661690231019859,3448908045320974790,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5964 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,10634661690231019859,3448908045320974790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5248 /prefetch:1
  2⤵
  PID:3520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,10634661690231019859,3448908045320974790,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
  2⤵
  PID:3652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,10634661690231019859,3448908045320974790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3144 /prefetch:1
  2⤵
  PID:1472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,10634661690231019859,3448908045320974790,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:1
  2⤵
  PID:3064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,10634661690231019859,3448908045320974790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5376 /prefetch:1
  2⤵
  PID:3180

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4544

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:544

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4972

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f35bb0615bb9816f562b83304e456294

SHA1
1049e2bd3e1bbb4cea572467d7c4a96648659cb4

SHA256
05e80abd624454e5b860a08f40ddf33d672c3fed319aac180b7de5754bc07b71

SHA512
db9100f3e324e74a9c58c7d9f50c25eaa4c6c4553c93bab9b80c6f7bef777db04111ebcd679f94015203b240fe9f4f371cae0d4290ec891a4173c746ff4b11c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1eb86108cb8f5a956fdf48efbd5d06fe

SHA1
7b2b299f753798e4891df2d9cbf30f94b39ef924

SHA256
1b53367e0041d54af89e7dd59733231f5da1393c551ed2b943c89166c0baca40

SHA512
e2a661437688a4a01a6eb3b2bd7979ecf96b806f5a487d39354a7f0d44cb693a3b1c2cf6b1247b04e4106cc816105e982569572042bdddb3cd5bec23b4fce29d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\0e5cdde9-6587-434b-9f73-3fb6a8efc4ae.tmp

Filesize
705B

MD5
1609f51601a60ba7e01e5fd5672360df

SHA1
708cb117456e626633c1aa0ad9d869b2d2421d7f

SHA256
227ce194ff77eecb6186a43206077e38137f3347958f6d61610583357ada7e90

SHA512
d242326ac61036dbac8a5630ad319d3ac7beb149326498af52227ca77c7073872b8c657be1cc03fbbc910f3201b97ac57931ed0ae37748f2bc2324793011d244

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
46KB

MD5
c96bb38ca6650c5dd7b91707aa800641

SHA1
f4239097cf6f56b5bb0b314265e958ef03caa8ed

SHA256
d7fe4e9179e39587edb7aefeeeb7f8ffa6c1bf1ae262907183b3f4b4cdabf31a

SHA512
f71460d2bd5c88a9904b4d36ec1da8e1132f10e1cde914402d53ecc3f1667c8f7cc97b47ae31c59425be986c7ffe560a9abf4005be5a32f62c5da7c308d0d553

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
95KB

MD5
08d230ba31b9bde4b200ee6dd5fdf867

SHA1
f5300ecc13d854e4c33d6fff4659cf97d95da0f5

SHA256
9d92d28c916accd78a44a9bdfb49a4e506d42de0ada1150286c5de25a762550c

SHA512
e9949a1569b2c05d12e25b906a1afe24d3dd8785fa91a4c792f32e6ec6681c1ac238417010548945b652a8d7bf9d8e5aa806cc1baedb17a506de3f66c9ab5434

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
17KB

MD5
ed0732edaa5f4bfd8e055f4c5b521e56

SHA1
119e745f20e7bc49b7b94ad66cb76cffdffa9d81

SHA256
5ee3a3ccbf63e813c66c92280a78e68900bc4e231c30bc5fbfe29d844cc6d208

SHA512
5c64b7cc92b149cc3c7e7d65982702d2bb0c8d6c79199fd2b30d2dae893c4cf173565c58ba68d25ebf640fa4a20023245f337f6ac774424061ea8d3ff6ca6688

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
33KB

MD5
ce044f273566a41ebd13f4194e00d5ed

SHA1
03113d7c0c6907f786f89aec3fa147ab3fc3feb9

SHA256
d5c9440c4a62c72dd0f54ceb4411e674e9c8f158fcce381ed3145e9b70067198

SHA512
ae766ab169e5bbf2085c56f4a98d4f24627b7291dcac2de4cc18ad5681e038f6602e5cd5b5ff19492550bc3b1d028985c112b9671a57b39e0cfe8141b30dd95a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

Filesize
19KB

MD5
e6cde919e406d885d50ea35f02468cd5

SHA1
d3a93677e3844d2c5a6d44d139281d8a9dd96fcb

SHA256
a15ca5f30eb0024d39a88e11460590d93a8391187184e16803ced7704e38cda3

SHA512
fcb2f00923fcb1e80e794e32460ef67f4fce7a334de718c70d8c23df7d644b7b68c4bd44af4b6e43627dfe804724216e9d1f46b76c1a35483d9678448acd880d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

Filesize
421KB

MD5
b0a50b1cbd2063650b298b7b88f8d7d6

SHA1
ca09d9402a73a65b53e47657ff1a8c57df7ba70f

SHA256
17b19aef17c39b007ad5334a0773c2ff52f103b9b5e339dfaf3011ad3425c830

SHA512
e9a9cc27aad729a1d0c2d7f6ce671f83245d16b35694d0373305b8c898510cbf401205568c403e1b191d1760a8f92b7ad369bc9ff8fea249c706c7f2cf9a81cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

Filesize
414KB

MD5
bb7a2c266e8aea1f8698c3543ced6a11

SHA1
560f0579cd457707b670b16c44c7cb673599e233

SHA256
451f471e212cd9987b1a4de0db1017dd87affa3a55cd4a14b9a107cbc6ecca0a

SHA512
3ce42d048119ff7511efdbff0ccfb73204a0d4db7ff02155cdc2b50c725c343538be725ac88a4271574869eb6242db3eddd2529318f876b18bd2305965131696

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
240B

MD5
c6e345a5127ddf71ce80ed35c9496990

SHA1
7b620c53ad4519eecd15d03d6effa6c95ea662ca

SHA256
6048e8371915afd7cbf924b8d1f37742f45ccbb56e9b2e8de526000da87e6551

SHA512
a98521a618d036ddb46dc387e189da49aa6ef9c3abd06bab8d5e9e137ca6caf21785779355c9cf5593d37b500ec3811ab484dbaa27b9d104a1bb498a70011d56

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
0e63241bc8bb6d69f658c24af3b6cd7a

SHA1
9e6f924906a76968b84abf3bcc2d57e37188c300

SHA256
8a936b39407266bed2e4f92300b4b5a0190a7be08b33e3bff8bbf0a1f2ac3cdf

SHA512
017c99c8d68f19e04ef56edfebc54b1ac784b7cbd9ba238b815bf83c065499a1bf08cc59271723678037ce01386fb1a17008652eac3e233fb110be66c63d5a52

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
30c6bb7e52f4f5128338a43145bf6436

SHA1
ccec8a7705c810c82fcdceb24bea07108a5998ad

SHA256
8c0ce83cb5d9f7238ba49f637a3c4ab9724456ac7ab616bcf5b0cfb2b78d4c11

SHA512
dcc846323f81d34dd4a2238f8bc9e6d7668a932c30ce521b4cabf27e9a14f99f09523edd5cef818d4312c9bc9306758b1346bb135cf7ab6ab9b1b9da60a8b2c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f02c2d48de3c2519bbbb13dd9d366d79

SHA1
a1d3de2071f00469339c6b847b13247026b2af3e

SHA256
c6275f129a055981363ca9c858264a602679d944f6f8661660d79afc9f652b66

SHA512
09b8ecd1fd51bfb747f46102f4f04ba64954b6c14fd1e2d8c5d4dbad8832cf1ade6f66879daf15e2b83e89d081cdc1a0f8f1c0e073bd3b151e44ac1f8b7758a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c97ab409a2822027b2890d164226314b

SHA1
e21b897da4de19b65649f0cefc09a8efa116adae

SHA256
73606d6841db6c1fba8d09e7e74d56d257bf8ac685eb5955fbaa66eced7e9ff9

SHA512
094138df57f35681e3da3b45e939a46c95500983efb9f5f89b181da5c2facb16df453b74feb96391c4396fd666b0ce359f26e615f88878356102d3e336bccce5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e43405ed0cf668bb57dfcc04a3d7f11d

SHA1
c59b73cbef53f6ada71ac5f4bb1e752165a631f7

SHA256
40660cebf6a256163821474929c393e1e3e5694db81d146437c62c325f980cfb

SHA512
b85a76c5a7fce75e3f0cbadc3c7572837745942c675a787d39b1bee1dcc778e5de919424ead1e519b564bfbb050bcc94798761255e78de2981c55a29e053f5da

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
f096dbd73004a7f6a0519dd40c5a8ebc

SHA1
5dc805b74d9afff5b99e74ee3413f5e5906df714

SHA256
f9e8996f66a9abc99d5f25474e4de6a9353f7362b2ae9f1df399794eb4d4dd45

SHA512
776f1d02d23ee3fade7cb4630e2b951e3fb11ebdbc71dca4d280d708171bdc2f44a491f46271a923cd813c88becbdffe16712f834f9e1d921b8e2c708f97d66b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
df0e5239ecb74d7cb782a1e6a95f7fdc

SHA1
ca49c1763c248e29f452d1f014a95cca90dee4f3

SHA256
0523337b8868f11e2a40186cae082144e1c26b088fdc72048f9539b78279047b

SHA512
5db786219859160d09769b45ccf748ec0163700b31d8ae5e2688e2b34f5ec680062afc307589da003230a037d34bb159fb6e1384dd5a6234e8f24eca3a1fb2e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe578c42.TMP

Filesize
203B

MD5
cbf2369a21c2427f65a62df3fa38dd5a

SHA1
7ac3c0b95f2505a6434772c5037ca173e54af1a3

SHA256
05d0795f1f259e0e2300c996f93a45a1e39741b87dec4f176f026a278d8bd74e

SHA512
72d38038ecac180934b8a65c38fa032c5f05fde89d9b2a8b2b759751199230f370aa8bebde3a600ca273902b5b21cc1ed41ff0a4a326ff6b62d9ce29d2bb4090

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
f1e2f5c6f84ffcb4c62333bdbc21804b

SHA1
0264e4fdbb32424da329bbcef6dcd42a97037f83

SHA256
5ec4a934a01b70b8aa0672f3aceda42edd9ee4bf83eb0c73af1d4302fe892d94

SHA512
a2b3c53c8a1cdd1460e1272129d0a97f48a73c0f41b1e8ff5f4bc236c5d113b0c1db5fbfa818f53df1c8bd9e7d09a48243e8d31535b6f7e3c81e4f94c3402734

Download Submit