f397f7e6eb8d104dab51503b7f9ff0beec43665dfd81f25e9a40b9ed76b89f74

Analysis

max time kernel
149s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26/03/2024, 15:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

df8c77a926dca76737741aea0eb077a5.html
Size

432B
MD5

df8c77a926dca76737741aea0eb077a5
SHA1

fe7df3c337eee4c4d0a09bcfde32a2e7d3d34dd8
SHA256

f397f7e6eb8d104dab51503b7f9ff0beec43665dfd81f25e9a40b9ed76b89f74
SHA512

dc5d2edc7c1321933f55100b03b987e4d7aa8fb2e4e443fa3cde4c068f542c2b98dfe082d6b9df2fbfcd069a47ec4448dcd9cc1ce30b6aed9ed68ecb4e64b068

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3740	msedge.exe
3740	msedge.exe
4556	msedge.exe
4556	msedge.exe
4428	identity_helper.exe
4428	identity_helper.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4556 wrote to memory of 2188	4556	msedge.exe	86
PID 4556 wrote to memory of 2188	4556	msedge.exe	86
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 4372	4556	msedge.exe	87
PID 4556 wrote to memory of 3740	4556	msedge.exe	88
PID 4556 wrote to memory of 3740	4556	msedge.exe	88
PID 4556 wrote to memory of 2036	4556	msedge.exe	89
PID 4556 wrote to memory of 2036	4556	msedge.exe	89
PID 4556 wrote to memory of 2036	4556	msedge.exe	89
PID 4556 wrote to memory of 2036	4556	msedge.exe	89
PID 4556 wrote to memory of 2036	4556	msedge.exe	89
PID 4556 wrote to memory of 2036	4556	msedge.exe	89
PID 4556 wrote to memory of 2036	4556	msedge.exe	89
PID 4556 wrote to memory of 2036	4556	msedge.exe	89
PID 4556 wrote to memory of 2036	4556	msedge.exe	89
PID 4556 wrote to memory of 2036	4556	msedge.exe	89
PID 4556 wrote to memory of 2036	4556	msedge.exe	89
PID 4556 wrote to memory of 2036	4556	msedge.exe	89
PID 4556 wrote to memory of 2036	4556	msedge.exe	89
PID 4556 wrote to memory of 2036	4556	msedge.exe	89
PID 4556 wrote to memory of 2036	4556	msedge.exe	89
PID 4556 wrote to memory of 2036	4556	msedge.exe	89
PID 4556 wrote to memory of 2036	4556	msedge.exe	89
PID 4556 wrote to memory of 2036	4556	msedge.exe	89
PID 4556 wrote to memory of 2036	4556	msedge.exe	89
PID 4556 wrote to memory of 2036	4556	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\df8c77a926dca76737741aea0eb077a5.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcbf5946f8,0x7ffcbf594708,0x7ffcbf594718
  2⤵
  PID:2188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,2819603478472902017,11859684525099464486,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2100 /prefetch:2
  2⤵
  PID:4372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,2819603478472902017,11859684525099464486,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2068,2819603478472902017,11859684525099464486,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2808 /prefetch:8
  2⤵
  PID:2036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,2819603478472902017,11859684525099464486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:3464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,2819603478472902017,11859684525099464486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:2424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,2819603478472902017,11859684525099464486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4236 /prefetch:1
  2⤵
  PID:212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,2819603478472902017,11859684525099464486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4956 /prefetch:1
  2⤵
  PID:2260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,2819603478472902017,11859684525099464486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3556 /prefetch:1
  2⤵
  PID:4352
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,2819603478472902017,11859684525099464486,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5616 /prefetch:8
  2⤵
  PID:3220
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,2819603478472902017,11859684525099464486,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5616 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,2819603478472902017,11859684525099464486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5800 /prefetch:1
  2⤵
  PID:3416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,2819603478472902017,11859684525099464486,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1
  2⤵
  PID:2980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,2819603478472902017,11859684525099464486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
  2⤵
  PID:3704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,2819603478472902017,11859684525099464486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6076 /prefetch:1
  2⤵
  PID:2508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,2819603478472902017,11859684525099464486,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3412 /prefetch:1
  2⤵
  PID:1100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,2819603478472902017,11859684525099464486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5780 /prefetch:1
  2⤵
  PID:3900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,2819603478472902017,11859684525099464486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1832 /prefetch:1
  2⤵
  PID:996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,2819603478472902017,11859684525099464486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5936 /prefetch:1
  2⤵
  PID:4692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2068,2819603478472902017,11859684525099464486,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1368 /prefetch:8
  2⤵
  PID:4848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,2819603478472902017,11859684525099464486,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5116 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1328

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1244

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3656

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4d6e17218d9a99976d1a14c6f6944c96

SHA1
9e54a19d6c61d99ac8759c5f07b2f0d5faab447f

SHA256
32e343d2794af8bc6f2f7c905b5df11d53db4ad8922b92ad5e7cc9c856509d93

SHA512
3fa166b3e2d1236298d8dda7071a6fcf2bde283f181b8b0a07c0bb8ba756d6f55fa8a847ca5286d4dbabc6dace67e842a118866320ac01bd5f93cccd3a032e47

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\61bd5502-5f2a-4ca7-82c5-fd036eaf5144.tmp

Filesize
2KB

MD5
fe24994ed7535ee0adfeef20342029cf

SHA1
95fca45951c42a3a0709b9e4e60b7602552b4280

SHA256
500be712d8a171278730f2712f7b7b43b387f52200629facdce767337972ef63

SHA512
9c6da7a490af05f8466afc5b7ab78731eb8357dd45ee552615bbcb2e80ef23421c59b2c25cd0621666e114e995d10782181388a78ce4462ac1dc3f82bf24fc25

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
6706dd5d721885fa87bcc1add8a59dec

SHA1
35816c1c4e304ac375205938e2f6c49973acbfba

SHA256
c860c0873ae3b0c75508effd89b96e8b2579806c2f02f5aa34d660c655abed2a

SHA512
06693bbb774ed30fd666521bc23bcf083711186350540cc67a78836d3e5cc3b37e28e23635271c153870763a270deabf10c64c55c7df2477962092cd99b4fa6a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
a5e82a06ddea326c1d621a9a17c90524

SHA1
22ffa1c965a834b869eb96c02f84311aadb150c2

SHA256
6a65789c692c88a9e0a68a1f849e9ed5e83758551cce51c19843a46039a16088

SHA512
84a66f2fcc71c94e7b3f44081019c0dd2c42e9fdeca4ce1ba9a20cfeaf044de88d12262f312d16fca3338990aeadb8a972b7796d4d72d2224a59de71f1316792

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_best.aliexpress.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ovussaul.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
48e904fd14dcbad5493077e761320367

SHA1
dd345b0a178f13cadb720148e83e24980d50f0a2

SHA256
51f226838e357b450fa2f71e94dcf947acd263dc6c3dc4b64790fd68c61d8b10

SHA512
dd7f5ce409169748d39c12ee658805aeca58d404ce7e02e5742d4ef7cc7ca70999c642274e197f255669ac3bc9ae1d1c09bdf6dae9db6c1ae0ffcfdee8076fb5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
f659f1e2dc0669221f7a5119c1771478

SHA1
d0fb102eb1b9f11e1af79cfd33d65ef0ffadc6a4

SHA256
f1811a7466b60bbeffc3749ecb9e9715c417286ba19684d2939352de2f65284f

SHA512
5b89a9e2526a562be094f823b4130a1d562c1d18a685099697899b59876e2c7eb325594bb228e34a4d3fc339ea093bb31df86b083f8c25c791ba22d4d9326b1f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2c8501355334bfd2da825a742d0a7b82

SHA1
87ed00fe41a5b0730e23bfd65ce5a117799a61f6

SHA256
10ed22ce7a10c5e0ff965494aafafc10e80bf4dd214d92c24256ef541aabdbe2

SHA512
0c87904a6ed874de0f1e6f08263464743b04eadba97ddde488741135324b75b4ee4d5dc3afb2741c121d3f94b276271a22ccfd275a038c709ab02afddde01ba2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
dfb28966d9a6f24d65f60040cd0f9459

SHA1
92e4d719bc2c8d264378e298d91e2dd75dfa60bf

SHA256
c270fc3e5a103fb920954a619278c40739ffd60b4a5920b78400f564c48d5e5c

SHA512
42c4dfc87b415cc7f61ad0892c505c783561f08fffb934c5ccb15a651e506cec35ff91f3af8e60fec6017b5061aee8e671fbd1fcf590ab8057ddef7d21b24f2b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
aaa91636dd0b138a8a52cbe1ade3e6b8

SHA1
dbaceedc68e90d8a91d2c9600d28fd79d2812f0a

SHA256
a749b306a6bb168b55d0cf4eb563b4a5498bf883fe227ca7471bf52b290e0177

SHA512
288f2e5c69772cfd9a05850762c39f275f09bab0b127ad1a55c8c9688d6b6a019b1ba695b9b7e8d555506a4d44edaf5bf7ddf60b1bfe7545ad6407b70947d9e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
c2ef1d773c3f6f230cedf469f7e34059

SHA1
e410764405adcfead3338c8d0b29371fd1a3f292

SHA256
185450d538a894e4dcf55b428f506f3d7baa86664fbbc67afd6c255b65178521

SHA512
2ef93803da4d630916bed75d678382fd1c72bff1700a1a72e2612431c6d5e11410ced4eaf522b388028aeadb08e8a77513e16594e6ab081f6d6203e4caa7d549

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
264B

MD5
52ae5c1509e53d0e3fa01b86a625f8c4

SHA1
daecd6f84099896c1420ef66b1b2dae8c84a4dfa

SHA256
e6002ecfb56b07e15b104d69d9a758626848f491fefdfabe3b9e9aa20965eb08

SHA512
559656ddc917ba2979277760df5b9f26ef0564227496ed7c34a46130deb6184fb610eb86bd174858d9eea77e58b9230b26c794297fb3618edb731f7d667cd4e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
65234cfcfd95f48fd4f88d944b6e6e59

SHA1
cdbc61bc4de1c5f58a3432e998f074033b3725f0

SHA256
a8563492f414f909b1eded963545c61ce45f230f83375c1fe061144dff185a81

SHA512
3acca4ea99d6d5c50be2f3ccb273d93102795715a0507a75f3d03a3430508d90f2908a3fc498e9e12144ab2b16f8a29aba0d6324d9c5724c67a90cef754527e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57acda.TMP

Filesize
48B

MD5
1d3539b36403c554b7bc862cf79e808d

SHA1
e1b0958a8b56fc1fd0a6c2b0dde44079a2fbb93a

SHA256
0d1632f6ab02d4895c13dab818c0e93089c2ba83c7ecf21a0ff315df2ad73bd5

SHA512
6b76ffa800b17f07fd16c78e551fa64f49a2e4f13b72e04bf5f63b6a53237989e86b66985a884f2079fd8e2e076539dbceb7ba06fe977e0e8cd2cab767484bc4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
a840c41a6a6b828074e6d7e11fe19850

SHA1
c2a5ee6668c39947866ad8d9e8e5fece7a412059

SHA256
042e0eecf2c6bdd4a961961e07a6df5f30c120de9e81ddd8dc127ded0af629ef

SHA512
e156ba6d02a02adb765058bd903294e0cd527ac3c778bae75918b2fe20570a1b24523bf5c4d7c785cf6a0cd786655323d3e3a4b8d571f8fc7b2d4437a74a47c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
fd46cd2224161623a2f887ea6b79b414

SHA1
c3b8d13064e3d9b75a7fe43c0660072f637432a4

SHA256
2d11ae67431a22fb6371937200ea3b2b0646c76739e67a83df6d019a99e6a074

SHA512
1387ea25f496ec583da796d23fa3bb9b0afd297acc73ee1f73801b23be2ff56f56458ea1256031ce53f06f06aa7da3a06938b569d78868698d8eac73458252af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
d6818bde88b417d944549c5025cc0637

SHA1
097ecb547dc420f4e448266d506d3eaa6390211a

SHA256
05b99611672085297dc1c8f5a755e4870ed382fc082d5f3a1b2cee5f4360704b

SHA512
08e1d29a3c9dd309270ad8777d3749e45cf112692dd4899b1fa50d654c4433bc601054067f0c48b35f5e7f52e067cf4354638fbd21ebbb68c26ea06230fb3b29

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
7b184f0300fbd602933c20b9f1a43e0c

SHA1
ab970dfd42837a87dbaa1c61c3ce0fe7caa1d941

SHA256
c8373e5dc398d27e67bc2a199b384b55aeba71881227075eaec12f00f32539b4

SHA512
1f6ed50781c90e841322e30e66a173c7b5f37b79ee62fda84fb4206bec513b2d1c304955f55b5ab88f565d8f397ad137dbd0f20722cd52573a8789b9bcbffd72

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
11aa40f8838c02fb29954f6d6587a2a1

SHA1
59af013f74587d55874bcf1628fc64dba011ea85

SHA256
408a8c5700e5db950f62aa69dc4abfa0a07651f5c58fcb0b7352c1d7a8d4ed85

SHA512
8fb952d309b3b8eb93a8272e39ed2a3760f338e0608fb349ae11b1aed3953111408dc43a66a376d005b6f852e004184e124a19719dfec7ab1f6c7742e6990ee4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
3e0c99ee3863ab4f35e0f087291c3c6f

SHA1
bf032f7995e501e9e6a3f09c99c04d6c0765f0f3

SHA256
0775ee18381a8b1bd19a2d885f69c84b434c6fe6dbe5790d3fda9d7d2b5b26f6

SHA512
ba607d8f64dcd721b9723b7e7febf8c6c54fb8b02484dc85cafb4b154045c4100a5db4d9faacbc2cbd914cdb2f4be22bdba62e9d195b670b7f21c532723f358b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
13bf8acc0ea6de0b530f082ada7f6382

SHA1
cb3c02d4bb4fea39a42e53919b3b6e2ebe1c6bb3

SHA256
640c8b50fb21e012302b523aa52f0ea7ebbce868fd58be5c34e917ea91151cde

SHA512
f91f6cda15478d90b7f3e36dd36338e82704045b649317d4d81faa64270461968edc583d02dcd88280a741ffca6db7309cfa1eaaa97e0115fcf5dcb250902586

Download Submit