c3af8a1cc69a302db7d93211e9b7790954d6c83319f204a53457bdf2ebfcf877

Analysis

max time kernel
150s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
26/03/2024, 14:53

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

Lossless.Scaling.2.7.0.4.B5/IGG-GAMES.COM.url
Size

196B
MD5

882e17d630d74b64a8176e38e2fadf7f
SHA1

d6652d568db451c03b73eede688e0124e2d54ebf
SHA256

6d905d76e7d807c5831231d791f2510160dd56018ae423a037e7ac88fd19412f
SHA512

2baac743dabdbf133583c4d500699673e0bb2b2ade89f0a660eb17bfb440f1d74814ade3b82eb07d776f6a7c1b1975f25c6c1c500edc589897bc304a9c9fb3b0

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4248	msedge.exe
4248	msedge.exe
2652	msedge.exe
2652	msedge.exe
1972	identity_helper.exe
1972	identity_helper.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2556 wrote to memory of 2652	2556	rundll32.exe	89
PID 2556 wrote to memory of 2652	2556	rundll32.exe	89
PID 2652 wrote to memory of 868	2652	msedge.exe	91
PID 2652 wrote to memory of 868	2652	msedge.exe	91
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 2552	2652	msedge.exe	92
PID 2652 wrote to memory of 4248	2652	msedge.exe	93
PID 2652 wrote to memory of 4248	2652	msedge.exe	93
PID 2652 wrote to memory of 2244	2652	msedge.exe	94
PID 2652 wrote to memory of 2244	2652	msedge.exe	94
PID 2652 wrote to memory of 2244	2652	msedge.exe	94
PID 2652 wrote to memory of 2244	2652	msedge.exe	94
PID 2652 wrote to memory of 2244	2652	msedge.exe	94
PID 2652 wrote to memory of 2244	2652	msedge.exe	94
PID 2652 wrote to memory of 2244	2652	msedge.exe	94
PID 2652 wrote to memory of 2244	2652	msedge.exe	94
PID 2652 wrote to memory of 2244	2652	msedge.exe	94
PID 2652 wrote to memory of 2244	2652	msedge.exe	94
PID 2652 wrote to memory of 2244	2652	msedge.exe	94
PID 2652 wrote to memory of 2244	2652	msedge.exe	94
PID 2652 wrote to memory of 2244	2652	msedge.exe	94
PID 2652 wrote to memory of 2244	2652	msedge.exe	94
PID 2652 wrote to memory of 2244	2652	msedge.exe	94
PID 2652 wrote to memory of 2244	2652	msedge.exe	94
PID 2652 wrote to memory of 2244	2652	msedge.exe	94
PID 2652 wrote to memory of 2244	2652	msedge.exe	94

C:\Windows\System32\rundll32.exe
"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\Lossless.Scaling.2.7.0.4.B5\IGG-GAMES.COM.url
1⤵
- Suspicious use of WriteProcessMemory
PID:2556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://igg-games.com/
  2⤵
  - Enumerates system info in registry
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of WriteProcessMemory
  PID:2652
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xd8,0x10c,0x7ffd3b7746f8,0x7ffd3b774708,0x7ffd3b774718
    3⤵
    PID:868
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2228,12129606415446817399,1062244000228069196,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2256 /prefetch:2
    3⤵
    PID:2552
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2228,12129606415446817399,1062244000228069196,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2312 /prefetch:3
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:4248
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2228,12129606415446817399,1062244000228069196,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2820 /prefetch:8
    3⤵
    PID:2244
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,12129606415446817399,1062244000228069196,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
    3⤵
    PID:3860
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,12129606415446817399,1062244000228069196,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3464 /prefetch:1
    3⤵
    PID:4344
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,12129606415446817399,1062244000228069196,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4676 /prefetch:1
    3⤵
    PID:920
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,12129606415446817399,1062244000228069196,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1
    3⤵
    PID:1536
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,12129606415446817399,1062244000228069196,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5532 /prefetch:1
    3⤵
    PID:4936
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,12129606415446817399,1062244000228069196,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5560 /prefetch:1
    3⤵
    PID:3320
- - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2228,12129606415446817399,1062244000228069196,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6228 /prefetch:8
    3⤵
    PID:60
- - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2228,12129606415446817399,1062244000228069196,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6228 /prefetch:8
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1972
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,12129606415446817399,1062244000228069196,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6580 /prefetch:1
    3⤵
    PID:60
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,12129606415446817399,1062244000228069196,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6576 /prefetch:1
    3⤵
    PID:3900
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,12129606415446817399,1062244000228069196,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5604 /prefetch:1
    3⤵
    PID:5568
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,12129606415446817399,1062244000228069196,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:1
    3⤵
    PID:5576
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2228,12129606415446817399,1062244000228069196,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5668 /prefetch:2
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:3664

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5108

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4580

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f35bb0615bb9816f562b83304e456294

SHA1
1049e2bd3e1bbb4cea572467d7c4a96648659cb4

SHA256
05e80abd624454e5b860a08f40ddf33d672c3fed319aac180b7de5754bc07b71

SHA512
db9100f3e324e74a9c58c7d9f50c25eaa4c6c4553c93bab9b80c6f7bef777db04111ebcd679f94015203b240fe9f4f371cae0d4290ec891a4173c746ff4b11c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1eb86108cb8f5a956fdf48efbd5d06fe

SHA1
7b2b299f753798e4891df2d9cbf30f94b39ef924

SHA256
1b53367e0041d54af89e7dd59733231f5da1393c551ed2b943c89166c0baca40

SHA512
e2a661437688a4a01a6eb3b2bd7979ecf96b806f5a487d39354a7f0d44cb693a3b1c2cf6b1247b04e4106cc816105e982569572042bdddb3cd5bec23b4fce29d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
432B

MD5
d504521caa50b342c333e0a13f9877a4

SHA1
791a7d3544743b6ec4ea0f20520a53b708953ca5

SHA256
df2ce2e20c17897dd0255357f4f1671db2eb5b526f770fd82bb112312d3420e6

SHA512
b019495348103d259c6ad58260bdd813bf9b17882d6e5f22ffe2d31597d0b4cba5b1305fda4eb404ef398e1db9c35239125613828eec6b31f3bec92a938fe3d8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
9aad0f798e4c40a8b3bb44e4b0e2b7f0

SHA1
59288baded074ffbb1b9fdbca9d3e4aed9ae7ab0

SHA256
1054ac844edafe7cee5c1699938de018e052ce90966f6cc7a97b68828e996a09

SHA512
3b58a38db0f4b10c65c783c78cddd4a8eed25f4191326a41eaa67649697f14d4b4e8bea218854535af35d9dd0f4244a49a56391ffbe01e53b59574a619e0441f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2d49108e94a8549cf1f52d4fd1346842

SHA1
a7b973cc8c69c4a4372aa60affe6676e923fca35

SHA256
7ec35581a0954849b79eb1162e2634fab831e3549c09d0c54a69933f7f9b360b

SHA512
fd2c4de7584ca5e3551302500113eaf4ab0058acbbded5ce82362a2358cbdd315c46f6f8770550c705404141404fb23a9b6fbd3796e1dcab16dbcc1f64958c90

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e7475b0af77a0103203d2201500c366a

SHA1
671b1e07e0764dbb22104a50db640c0ae09a229b

SHA256
72175d167027d8cdb834778440fbec9ba0570f46fcd057228ad58ed07d8807c1

SHA512
89a24fe9efd3fec474d15e51d6efff1ed668b74e6180990239a6621e47d4fc2f4763fef1b609b45088e912741e3534483e05a3550f256cbb298900241e4249a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
5267c66f453c6647ecf7352bd5b97c77

SHA1
cf1030d6450ecf33558be2a3cb60573b9a0d5a26

SHA256
43887dd54e756b0106c2ac4f31e9a921a14424fee36c77fc23116c826ba96f96

SHA512
6a84e05af701746bf612dfd74d5d9588aed6b440cab1b33ae1e10841db9ce4530f323ef59cf0d287c9ce442ebe929654f5956f0000a19b3190243400ed7c6f77

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57a25a.TMP

Filesize
48B

MD5
49ca1d08a027562d13a7132b85ee9726

SHA1
7fa5aa78c9183dfaac8ff45876d16860e0a765d8

SHA256
5b712e7bf2c662b370f94fdbfc735a17505ffeaff16bfe59c67c8c1241e98297

SHA512
fcbd0dd5e7cdc632071e46ae154f4e00a309ddb6d06cd53f9ca0d4f7e0c43e498638af8fdb9752c807dcdc0e1831a6588e3a5068b77f1e96c171e6460c3ff8f9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
b2aa46f5604878f17d075e6aa76d27c1

SHA1
04c4da340072e4fd62db0bd90c327f6c11418614

SHA256
74a34ddade981165e2dd1e56275ba2c19785ab3ba70e395b5270c4733bddf05b

SHA512
c01e31345daae85fc0e0db0add28b100ed601ca75751216de141c508b5f683c2c62c56025b98d6be42ba57e54e70cd0a9d6f00af00999d37c618317666eb3bc2

Download Submit