f3986007f914f4ba275291fa09a1ceb8d6c187f245d8557d944e1d9e6260579d

Analysis

max time kernel
148s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
27/03/2024, 16:29

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

e21bee2e30ff0e25884b956c057b6162.html
Size

432B
MD5

e21bee2e30ff0e25884b956c057b6162
SHA1

4666f3141f7d85fb139c72dea29684a6129a8cd7
SHA256

f3986007f914f4ba275291fa09a1ceb8d6c187f245d8557d944e1d9e6260579d
SHA512

ab05703a52b3328d937b5e9251741ef3fc60f24596f5da34299389182a63a19d61c133ae70e13c165f7f9eedf2214756f55dec4dd35b76bc63a339ae98395a0c

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2716	msedge.exe
2716	msedge.exe
3464	msedge.exe
3464	msedge.exe
2008	identity_helper.exe
2008	identity_helper.exe
6012	msedge.exe
6012	msedge.exe
6012	msedge.exe
6012	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 16 IoCs

pid	Process
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3464 wrote to memory of 2792	3464	msedge.exe	88
PID 3464 wrote to memory of 2792	3464	msedge.exe	88
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2720	3464	msedge.exe	89
PID 3464 wrote to memory of 2716	3464	msedge.exe	90
PID 3464 wrote to memory of 2716	3464	msedge.exe	90
PID 3464 wrote to memory of 4316	3464	msedge.exe	91
PID 3464 wrote to memory of 4316	3464	msedge.exe	91
PID 3464 wrote to memory of 4316	3464	msedge.exe	91
PID 3464 wrote to memory of 4316	3464	msedge.exe	91
PID 3464 wrote to memory of 4316	3464	msedge.exe	91
PID 3464 wrote to memory of 4316	3464	msedge.exe	91
PID 3464 wrote to memory of 4316	3464	msedge.exe	91
PID 3464 wrote to memory of 4316	3464	msedge.exe	91
PID 3464 wrote to memory of 4316	3464	msedge.exe	91
PID 3464 wrote to memory of 4316	3464	msedge.exe	91
PID 3464 wrote to memory of 4316	3464	msedge.exe	91
PID 3464 wrote to memory of 4316	3464	msedge.exe	91
PID 3464 wrote to memory of 4316	3464	msedge.exe	91
PID 3464 wrote to memory of 4316	3464	msedge.exe	91
PID 3464 wrote to memory of 4316	3464	msedge.exe	91
PID 3464 wrote to memory of 4316	3464	msedge.exe	91
PID 3464 wrote to memory of 4316	3464	msedge.exe	91
PID 3464 wrote to memory of 4316	3464	msedge.exe	91
PID 3464 wrote to memory of 4316	3464	msedge.exe	91
PID 3464 wrote to memory of 4316	3464	msedge.exe	91

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\e21bee2e30ff0e25884b956c057b6162.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffda33846f8,0x7ffda3384708,0x7ffda3384718
  2⤵
  PID:2792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,6042055615312162364,7779087548348992620,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2
  2⤵
  PID:2720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,6042055615312162364,7779087548348992620,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,6042055615312162364,7779087548348992620,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2852 /prefetch:8
  2⤵
  PID:4316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6042055615312162364,7779087548348992620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:4504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6042055615312162364,7779087548348992620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2156 /prefetch:1
  2⤵
  PID:4740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6042055615312162364,7779087548348992620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4140 /prefetch:1
  2⤵
  PID:1236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6042055615312162364,7779087548348992620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1
  2⤵
  PID:4748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6042055615312162364,7779087548348992620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
  2⤵
  PID:412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6042055615312162364,7779087548348992620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5700 /prefetch:1
  2⤵
  PID:212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6042055615312162364,7779087548348992620,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
  2⤵
  PID:3884
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,6042055615312162364,7779087548348992620,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6040 /prefetch:8
  2⤵
  PID:5016
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,6042055615312162364,7779087548348992620,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6040 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6042055615312162364,7779087548348992620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5604 /prefetch:1
  2⤵
  PID:3308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6042055615312162364,7779087548348992620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3596 /prefetch:1
  2⤵
  PID:4224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6042055615312162364,7779087548348992620,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2640 /prefetch:1
  2⤵
  PID:3196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6042055615312162364,7779087548348992620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6388 /prefetch:1
  2⤵
  PID:1536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6042055615312162364,7779087548348992620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4300 /prefetch:1
  2⤵
  PID:4948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6042055615312162364,7779087548348992620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1
  2⤵
  PID:2200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6042055615312162364,7779087548348992620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6392 /prefetch:1
  2⤵
  PID:4816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6042055615312162364,7779087548348992620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3592 /prefetch:1
  2⤵
  PID:5160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6042055615312162364,7779087548348992620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6768 /prefetch:1
  2⤵
  PID:5380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,6042055615312162364,7779087548348992620,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6944 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6012

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1040

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2224

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
47b2c6613360b818825d076d14c051f7

SHA1
7df7304568313a06540f490bf3305cb89bc03e5c

SHA256
47a22bea2e7d0154c59bf5d8790ec68274eb05e9fa6cf0eab0d648121f1a02ac

SHA512
08d2366fc1ce87dbe96b9bf997e4c59c9206fcfea47c1f17b01e79aeb0580f25cac5c7349bb453a50775b2743053446653f4129f835f81f4a8547ca392557aac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e0811105475d528ab174dfdb69f935f3

SHA1
dd9689f0f70a07b4e6fb29607e42d2d5faf1f516

SHA256
c91388c87878a9e2c530c6096dbdd993b0a26fefe8ad797e0133547225032d6c

SHA512
8374a721ea3ff3a1ea70d8a074e5c193dbba27ba7e301f19cea89d648b2378c376e48310c33fe81078cd40b1863daec935e8ac22e8e3878dc3a5bb529d028852

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
e908831babdcf89bda05bf10dfc52560

SHA1
4e1f2172d3b889d18f586fb3b2c2c30df38ccf46

SHA256
37842d823b937243bd0eab669544d0cf06babccaf067255b3e75bc47b1cd3ef5

SHA512
6f63a7b439975a0cc42241325c31e6d099447e904d8607c14af3516c4954bee6d9b6b26d12d9655bbf389e374c16c01106313bde182d4a34f01322b79d6679d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_bejirachir.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
942B

MD5
b754bbd9fec490296b7ee459acf3c1de

SHA1
8bdccc31d2aed0acdf129e8b368da66efae8e462

SHA256
bc51cfea0fee59553c6f2900f248890579a82d3b4581a4354d072e1c56740413

SHA512
18fd60efa1aa93ac6a76ba03ff03ca4bc67ac87b9f227d00407ead7966d2dd8e903f5e92c2bf1ff016917e0b83135cc57369ebe036705223f31696036d4f0188

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d4fdd210992705065815817f64954ae1

SHA1
097fabe35fd6cb1c61cccbdd19f3d647646b7e93

SHA256
5e7aee418b4390652bf7d91e02dea07ba0a65c2b68ff49a74471d8bed20eed57

SHA512
95482d7fa8f57bf8900c76e076c837a489c16d0ad4ffa4c9a997167d72985799ac4bee5b78f003979c4b2fcc5b71862f4a5dc92021ad793a29f74e973595c53e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
f3c8af04b208ac96d9e32a8540d82c44

SHA1
188d2bc9ea43fff68bdd39e83b5d1fb62fa3769b

SHA256
37f3e893c892f4f3e7b30f15fff328a6213cb1c9f9664b3abe5269b62b8cad9e

SHA512
7a24e0cc5bc288d6da43aed8ad6b6ec6f3f3f2b9423d9b7893af9ac75eb180c1742ac56b79ff302d9ddb1fe32b241cb031ed8668206f786374cc95254ccff101

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
e7a789468c826b080f8943cfc7625d2b

SHA1
7f2b736f6fe21ad01337a7ce5efae5126488dfb5

SHA256
78a89a82561f64b6bd1ccb2ac30a8138ed97eb9504ef790dae0d353341be07f8

SHA512
d641534947e81fedf37af05f4eee27e47b62b3c0a9620ac0615d97924d3ca3ea492e5701be11f1a4bea0fbb830b8c06ac7da141ad81fb69451a2409d954eb42d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe578e36.TMP

Filesize
48B

MD5
c70b6f9799cb549b8b3b9748c3975db6

SHA1
efaf6865c3b48265d4d4c7f50bf2ae50ec2a03fb

SHA256
9897a1c5d864d65f48d79697624ae87370147032ebe397cefc0537f381f7c7d4

SHA512
826df623e0575ed4ad9fc2aa2575d74a31f856ec88d32b4d055e81f734f7d77d207e828a33f393f89a8aecb63555a2ce18044f01e40f1621f972187d430e15ec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
a55e9c8914058a18cd9577a459e0af57

SHA1
2f7b6ef7bb7b841a79732c214a3ea4e3b7cb4519

SHA256
5b4fa6d578840ff61bae03d1ca7d05083ce62b93e9982ea179c1dfa389667cf8

SHA512
19d74031e59d7cde37d94c3f359ca4c686bb77a47f1c503390ca7342a2bdca01625e4dd30b2b8292752222fe415c09fa9f718e10fd8360c2ec34da9aa138fee7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
aaecb965ea14031f89ab9597977fb685

SHA1
8135ed1b0b98f482b828b855ca9a173dd7b94ed5

SHA256
7fb7a60ffd6fa03cb36a3a78f49b78c6e98b57385b92921fb9330098e3caf043

SHA512
b35c389dd39d1c675881cd6e46a1bab03da687bc869a936d8eabbfb50c024a5043e216df75f6d7a2220a42dd7c7612d665542ae21afe9e2309f93c3bb0309f7b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
bd17401c7323ce838688013455586396

SHA1
7180d06e781302c2f3350cbf9b1f9633ba8bd13c

SHA256
5890fc4852cd468088f5a313960b3ee7f41564b0d2abdee14fbc2eb57dd573ec

SHA512
ab437d3c964ddee1d25b679cc56a972420e3bfce9096fb3e972a5e9afc269fa4522dff821189ef39ce11b033a96c11ecfbc8f132a42609fe17a53c160eaf17b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
2973a9432811987587f20e780fde5db1

SHA1
8965c182771b719f2266add8338abdf3fddd3cfb

SHA256
ed6df0d2ba908aff548ac143cb75a7b3028218f4f398f54ab773b0fe943f5fb3

SHA512
2b1d99c21104e9eb313b20103121981e675e24310a3f52756efc4ee7c12a566cdb4bc63b99b863d30c328ab4180359adedd9ff2f9200d414379f8b1ded93727b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
892658264147dcbfdb27b94232e87b25

SHA1
a5521a9453221564b6619a027bcc0cd3c642bec7

SHA256
269c52237713ca920f9299108a190c844f12e9619555d6d5a7b19b37813b4938

SHA512
c5088976fc704f2b65d5ac33a9c6578529bde287cda9d81ec077bd6c35f2f46e6a0da1fcb577ef47bca3177439d48d03e418551c40e4a7efdded3a57f4024150

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
402b7424b37d63924e6e3666d4f35615

SHA1
b11f3a0e9fbfe112cc26bebb986aac1c70e0f731

SHA256
fd7a2a63fbca19cbba3ff6222499aa15669bb1c61dbb1678b36401a3d707105e

SHA512
a2b25c1a4db98e8ba7059baaf3f1d040d4b2206bd81033640f2cb089c8ae0a2513b1deab8f34588c5a41c173d8ab8343da5af0419ddf025105fc505ce13fa137

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
a28ac7fdaf400ae8b4e321142543aea9

SHA1
b2cda3639cde48a9c9eb64ea5341693b528c71bf

SHA256
a812bcc6b550cc5f8d4f5fe0639c4a43cb892a3b483bb1f23242b32749703dcc

SHA512
e6d8d7b062772cff376c9079ed285b266437ba15dc5a3f3130a0a950cb8a36dc089f46dedc17c07dc3cd159af9e3a4f1ad868effa1b928489ab9f46ab166375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
caddb295cf29d75068c559a380958978

SHA1
4213c1aacf17a132924f04b390360699003d3e9b

SHA256
7a9755dd5029df3d2401f97c0275d660516541b073c2904652ac3e894a4f45ef

SHA512
be83a0eaa6d14d8312aa7cf545cc40bd623ddfbf9e6b36c9b45c2dc4838525fa3411cc4864e0c47843a9f3c7137d3f25b3984376ccedf7c7dc2952cc987a51dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
dc80b2ac734292adc8b851eb97c1cee8

SHA1
b6ef17be6aa51e091530694a644697a1a0638021

SHA256
6f2c57d60048aabc425e4a84f5d44fb49458a3da0da11d8be2ba125bebc4dbb5

SHA512
c0148878939839e767f26bfe1620beff4555d892ea705d9e0b02fbb4348a4e077362ffbbc1f869c1a612e58629902663fb6e083bb2fa159f95a28507ee1dfbd2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
8b681d36ca105845f5bb5c32693a7905

SHA1
0df315e80f4d568494013752fccb5ef3f0ee0c29

SHA256
398797dac8d61a2cb9d9d7cab32f9e8f6f5ac3d116430b603fe9bae3217ebba9

SHA512
ba8aaf7728911b6b3a496ebc95c269b5c017e88556e1bdc68bc8ac9ab0ad78f9890113f08c738a46e26695f6e52bed27220649ce4f32e352a6ceb72fda7a775f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
f4b7e7fe84717569aad55febf8b336f0

SHA1
83089761ec71821a17b07242521d113b535ade49

SHA256
59b81a8d7d97bce7881caea65d1a43a72baabff7e92b07c7c189b8f55e291c73

SHA512
43188f52be096e3401a82f9973c84a10e9e7abb5fbe1d199e618211033aab600779ccbd048ec3dc708eecac26af8934f692b7b190c792f9b3739fe02012307c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57ad66.TMP

Filesize
1KB

MD5
0f14dbc6a2fbd2d99b7c64c26189fc38

SHA1
9edc6a8b923c343184da200c3ca3085e3cd3b062

SHA256
660376c00e193998f21f2a046dafcf4783fd8315257bba8c40633958981e9b7c

SHA512
904315468979598501d81d8022875f77f078b97bf928e60b9bd27b5dccc7e2c2b22a3c3c577c5d740bb2da05b1c30f60cb4b25bf69c4e4c3466d56586a116994

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
27ea3ed2b2e2b2512ca786fdf163e6e8

SHA1
58d77ab12b3026e04db7aaa8051bffc6daa08a96

SHA256
428cd69d9d13a80eb18c98c4f7bb427b93f5fb560b425801901d1e8858fe62b0

SHA512
2a013f8b0445142a5ddcc87ab7bdb404161bfc3dded79391063a35056c61fdef46cea832a947bc1174169343e5ce5a2f0c3a9e28a70e2c4706d204c7012ef37f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
020c7ed9709a014c9d93682a63f64694

SHA1
d7b3376f3f7706bc18348eb2b0cb6ce188ece453

SHA256
609e66eaab64ea721055be4152bfe0c9ea4e1770b337bfe03b37a09076637714

SHA512
23d7b182a3267653f9196a63bc854307b98017f0719efc0db1d3a77cf9a3b3d7021eb9b4f2a6ef7368bf3532ccf2aee2c9e2068736c8a38dfad914a9a2e4f25c

Download Submit