hxxp://kraken12[.]at

Analysis

max time kernel
1702s
max time network
1768s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
28/03/2024, 18:41

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

http://kraken12.at

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-566096764-1992588923-1249862864-1000\{8A710395-D55B-402C-A6D1-CB7FBC94C16C}	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
864	msedge.exe
864	msedge.exe
3052	msedge.exe
3052	msedge.exe
820	identity_helper.exe
820	identity_helper.exe
1188	msedge.exe
1188	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 33 IoCs

pid	Process
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeManageVolumePrivilege	1616	svchost.exe

Suspicious use of FindShellTrayWindow 33 IoCs

pid	Process
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3052 wrote to memory of 4916	3052	msedge.exe	85
PID 3052 wrote to memory of 4916	3052	msedge.exe	85
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 1816	3052	msedge.exe	86
PID 3052 wrote to memory of 864	3052	msedge.exe	87
PID 3052 wrote to memory of 864	3052	msedge.exe	87
PID 3052 wrote to memory of 4212	3052	msedge.exe	88
PID 3052 wrote to memory of 4212	3052	msedge.exe	88
PID 3052 wrote to memory of 4212	3052	msedge.exe	88
PID 3052 wrote to memory of 4212	3052	msedge.exe	88
PID 3052 wrote to memory of 4212	3052	msedge.exe	88
PID 3052 wrote to memory of 4212	3052	msedge.exe	88
PID 3052 wrote to memory of 4212	3052	msedge.exe	88
PID 3052 wrote to memory of 4212	3052	msedge.exe	88
PID 3052 wrote to memory of 4212	3052	msedge.exe	88
PID 3052 wrote to memory of 4212	3052	msedge.exe	88
PID 3052 wrote to memory of 4212	3052	msedge.exe	88
PID 3052 wrote to memory of 4212	3052	msedge.exe	88
PID 3052 wrote to memory of 4212	3052	msedge.exe	88
PID 3052 wrote to memory of 4212	3052	msedge.exe	88
PID 3052 wrote to memory of 4212	3052	msedge.exe	88
PID 3052 wrote to memory of 4212	3052	msedge.exe	88
PID 3052 wrote to memory of 4212	3052	msedge.exe	88
PID 3052 wrote to memory of 4212	3052	msedge.exe	88
PID 3052 wrote to memory of 4212	3052	msedge.exe	88
PID 3052 wrote to memory of 4212	3052	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://kraken12.at
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8bd3646f8,0x7ff8bd364708,0x7ff8bd364718
  2⤵
  PID:4916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2020 /prefetch:2
  2⤵
  PID:1816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2564 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2932 /prefetch:8
  2⤵
  PID:4212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
  2⤵
  PID:4856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
  2⤵
  PID:1216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4836 /prefetch:1
  2⤵
  PID:2644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1
  2⤵
  PID:2060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3980 /prefetch:1
  2⤵
  PID:4372
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5752 /prefetch:8
  2⤵
  PID:4592
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5752 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5776 /prefetch:1
  2⤵
  PID:1368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5748 /prefetch:1
  2⤵
  PID:3300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
  2⤵
  PID:532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5388 /prefetch:1
  2⤵
  PID:2592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
  2⤵
  PID:2232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1
  2⤵
  PID:4544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1
  2⤵
  PID:3208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5440 /prefetch:8
  2⤵
  PID:4648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3088 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:1188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
  2⤵
  PID:392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1848 /prefetch:1
  2⤵
  PID:2528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4252 /prefetch:1
  2⤵
  PID:4372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2904 /prefetch:1
  2⤵
  PID:368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2312 /prefetch:1
  2⤵
  PID:984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
  2⤵
  PID:4500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5284 /prefetch:1
  2⤵
  PID:5084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6192 /prefetch:1
  2⤵
  PID:3712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2544 /prefetch:1
  2⤵
  PID:2212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5216 /prefetch:1
  2⤵
  PID:4404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6336 /prefetch:1
  2⤵
  PID:444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6344 /prefetch:1
  2⤵
  PID:3420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5944 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1
  2⤵
  PID:1552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1620 /prefetch:1
  2⤵
  PID:1172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6052 /prefetch:1
  2⤵
  PID:752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4868 /prefetch:1
  2⤵
  PID:3340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4208 /prefetch:1
  2⤵
  PID:1440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3320 /prefetch:8
  2⤵
  PID:2340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6352 /prefetch:8
  2⤵
  PID:2100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5280 /prefetch:1
  2⤵
  PID:5060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1
  2⤵
  PID:5088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=1944 /prefetch:8
  2⤵
  PID:2284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5216 /prefetch:8
  2⤵
  PID:3200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6184 /prefetch:8
  2⤵
  PID:2964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1
  2⤵
  PID:2652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,7596932806915176705,12768755930387980658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6232 /prefetch:1
  2⤵
  PID:3488

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1584

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5096

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4ec 0x528
1⤵
PID:1116

C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
1⤵
PID:2296

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k UnistackSvcGroup
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1616

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9ffb5f81e8eccd0963c46cbfea1abc20

SHA1
a02a610afd3543de215565bc488a4343bb5c1a59

SHA256
3a654b499247e59e34040f3b192a0069e8f3904e2398cbed90e86d981378e8bc

SHA512
2d21e18ef3f800e6e43b8cf03639d04510433c04215923f5a96432a8aa361fdda282cd444210150d9dbf8f028825d5bc8a451fd53bd3e0c9528eeb80d6e86597

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e1b45169ebca0dceadb0f45697799d62

SHA1
803604277318898e6f5c6fb92270ca83b5609cd5

SHA256
4c0224fb7cc26ccf74f5be586f18401db57cce935c767a446659b828a7b5ee60

SHA512
357965b8d5cfaf773dbd9b371d7e308d1c86a6c428e542adbfe6bac34a7d2061d0a2f59e84e5b42768930e9b109e9e9f2a87e95cf26b3a69cbff05654ee42b4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\1f62a866-6c9e-4e4c-9b5f-a36cee0468eb.tmp

Filesize
11KB

MD5
8a6cdb666cb6afe0172a3710348c54fa

SHA1
1e05253ea2a9588762b8711fe874c034d1b34f59

SHA256
0c0dd3a7a1144be59d6a8f51ef6444f16e01135506db53998da08316530cd441

SHA512
cf28ec006e74f359262e2caffd7eabd6a87acda80c8771e310c0250c3f6b7fea33e45e8930d452e5abfb7f85b59fe869db636658c855ae54fa6fef0a586039c7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\26adbd8e-0d2d-471b-95ec-34f97f905fe8.tmp

Filesize
11KB

MD5
ffb24f502a132fee51ccef23793b6b9c

SHA1
b5d2f289659926c7dbb8be9c60836a72d4b45352

SHA256
1148fcf65b6111c6282b112d06e266b08c5c4dd1ddb8e589178dfccd2a7c05f3

SHA512
bba844b20f6b27c2bee2100331da17fc70d15d4481f4cbbcb556a59f84d4dc780307bb153c49d7612ff074b88390a44b8f034ab02a3b6ff457b5b9cede95c3cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
49KB

MD5
8c42a44c59151f9f75eb839e3a815503

SHA1
6d66a8355fe88683c8e972819cc32b1fcc3c95bb

SHA256
675a33a1fbd359924135a8e2cb3f240b53a6e6d1f361d4593718efbe122b9921

SHA512
cbee3891aa3914b7220e4e7aa178a86da3347801b023dc9bc51e7cb2a1e27f08e94409d91d46d23097e62ce2a83cdc42ebbb342d60459f8ec734ce1c3b74c0aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
64KB

MD5
d6b36c7d4b06f140f860ddc91a4c659c

SHA1
ccf16571637b8d3e4c9423688c5bd06167bfb9e9

SHA256
34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92

SHA512
2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
34KB

MD5
6e050be3bd6794eba86225c7782d2dbe

SHA1
7ebe1b4291b92f66e4d35bc9109ed5442e35eb20

SHA256
0cd7b67e7bcd622c93226fff7a6232189faea6f63c74aa354ac5e161b152e87b

SHA512
9acb7630e337c3af1de1772bb3c2fc7cdc95c56917ea4c386e58127847880267fc25698b8dc0fc93f2bd9135e20b050a46fc3f02a2bf27ba5f67e281c1076930

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
69KB

MD5
a127a49f49671771565e01d883a5e4fa

SHA1
09ec098e238b34c09406628c6bee1b81472fc003

SHA256
3f208f049ffaf4a7ed808bf0ff759ce7986c177f476b380d0076fd1f5482fca6

SHA512
61b54222e54e7ab8743a2d6ca3c36768a7b2cf22d5689a3309dee9974b1f804533720ea9de2d3beab44853d565a94f1bc0e60b9382997abcf03945219f98d734

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
19KB

MD5
2e86a72f4e82614cd4842950d2e0a716

SHA1
d7b4ee0c9af735d098bff474632fc2c0113e0b9c

SHA256
c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

SHA512
7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
65KB

MD5
56d57bc655526551f217536f19195495

SHA1
28b430886d1220855a805d78dc5d6414aeee6995

SHA256
f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4

SHA512
7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
88KB

MD5
b38fbbd0b5c8e8b4452b33d6f85df7dc

SHA1
386ba241790252df01a6a028b3238de2f995a559

SHA256
b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd

SHA512
546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
1.1MB

MD5
93feab00f76536d681c1b77eca2c7caf

SHA1
c48cbe893b3178a56357c132cae2fa63918d790f

SHA256
5da61564d6ae3fa4506522460d177f8b642b20bae63f81cee14b9ca71fd49226

SHA512
6276f945f1008c70bdc559a8d6a14c609a033af2fae6bd80c129da546e7df6cfb3fcdcc452508df8ee5be7a0a87a6f9930664b8b9726c4e52877802a9ceca5ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
32KB

MD5
bbc7e5859c0d0757b3b1b15e1b11929d

SHA1
59df2c56b3c79ac1de9b400ddf3c5a693fa76c2d

SHA256
851c67fbabfda5b3151a6f73f283f7f0634cd1163719135a8de25c0518234fc2

SHA512
f1fecb77f4cdfe7165cc1f2da042048fd94033ca4e648e50ebc4171c806c3c174666bb321c6dda53f2f175dc310ad2459e8f01778acaee6e7c7606497c0a1dea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
74KB

MD5
bc9faa8bb6aae687766b2db2e055a494

SHA1
34b2395d1b6908afcd60f92cdd8e7153939191e4

SHA256
4a725d21a3c98f0b9c5763b0a0796818d341579817af762448e1be522bc574ed

SHA512
621386935230595c3a00b9c53ea25daa78c2823d32085e22363dc438150f1cb6b3d50be5c58665886fac2286ae63bf1f62c8803cb38a0cac201c82ee2db975c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004b

Filesize
54KB

MD5
ed1b98313dbfbbcf5eb3919278bf7ddd

SHA1
5b8629b1de21025f6684e7245078da4a33394838

SHA256
b32b88446b0d2458600f77ad78e6465442bb9052463709a30186337b9d6ddbbe

SHA512
1d8da9f0c7e35c82296cd2276d335eb3e15e872909e6b222d8cdf7ebac9306f981f29fba627d9939ba4cff7e565d667e6431a7560ab0bf87d3aa109ef847e58a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
120B

MD5
9d981f94fd1e6a31e797b20c53f76af1

SHA1
e9b1af35722a72a21477e63c3ddf952e9adf0177

SHA256
6a680ac9df4b79fcbec74e4d09cad2bf86d54fdbfb5718c8fd76576c28fa71c2

SHA512
1f17f4e2874926d230872b02cd97e91f611de9c7aa4a2ce10cfade6dcecb7d77ec00ea499623e0e55b486ca3f320999976a7f3eb9600643f50d83e3b5dfb71a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
89f76af2113d9774967937bab83712b4

SHA1
dba94a455dfeb5c466e73a256c4ef576c26210f9

SHA256
227ca0fa6252e11f9554b7cd39024a2ce84cd6f0029bc2fb1b2881a384044622

SHA512
e5d656d4400d575b6a49fee00d222488ad36969bbb6ec9d769084d91e2abacf116d9e1257d19e1ad4e7eb4f4af9e1b16a3212d48ac8bdfc07359bca3069ed928

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
e25ff478e24b87f7d87fb3717049506e

SHA1
42ded1ee0fb38d0d825bc44d6b78b28db1da9ed7

SHA256
dc71babd053bd87606bfcc60bd5d49a1e1030c7eaec213938f8df0b636464784

SHA512
ea8c7a1c4c8b8a18f7c44fb9921f77fd210c5b82b91c3385c0157192f8e89ecd531dd1cd32651d5c3344216a7c84c25ac26b8e6626876dab0573678132e9985b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
c9117e9a2d8eb096355ce9bb7bd823d5

SHA1
399e85b8b66dfc2f8a059f639e6d244c79117743

SHA256
6bdb6c0981d13b44ad4b9f2eabc09006736e17c5af244cc70f28baf431fdcfe4

SHA512
e00a3e12b81129f0e1e8912872eec2229aec7696a04139c90c8dec136e745185527e93151ba83fc3a3b126b1f53c3b4eb251fa8b5eb58a88e6af1ffb7e559afc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
2f601c607da25b7c0f9229ee67dd13f9

SHA1
eaffde13142cc859ee7113098ffc375844374f06

SHA256
55c1572f1676b25fdcbd6c1373d730ee0351a89acd4be8cbc79272aeb4c2d10e

SHA512
02760e3a226d5e0f9b3e0f89cb3ad54a6aea2de50f44f5aada7343de8f89a1238ccd8e8524ef84eed735ad667705f4702800436d1501ebcaa831b0e807993f59

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
4adc3b054b343a5d537f7181f212a434

SHA1
6d03122b0e45cd4f822b005e13f07061554276dd

SHA256
55d83e9bd77887783790ff1fd51c2789b32b6596d91f5fce46adfe6a8e32a4b0

SHA512
fbec11996d88404e0a54682e89f89782ef708a44f1ef28afce4cb4831ab6226975996037400374f0ecd7e1d68715a49d168c7f1dc555b139051dc46e8d7ef708

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
d15eae2249a29b934dbd3695da9f1235

SHA1
1df7a7f76ccae7b29e987eb8b5381de7e9f6ce43

SHA256
d9369cce0aa7314a004f814ed098141ff4569f01a2a5ee08bec22a982e3b2ff5

SHA512
9befc9947f847e87803971abce637ccc82b63a4bfad6462abcaae88676723f89e7e115a5d2135b307b3036095aefbfe53269136fca05e7d3ffd7dd662c151f8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
f4a31af8fd4d16e154e296ad1f3d5219

SHA1
24bfc58f5b92c3b97efc4f62b587bd0cee167c5c

SHA256
e549806a60a0723b4992d02c31023f7edf292d51ff5e95f36a9b39eb1b949dde

SHA512
1286a16d2c1dd3308eb4cde95c03ef40872d2a7a2512f943bae4ab13f37ba989ef375264066b4c81dcfe7c08cccc8d78909d076b43c102164a5b1fb360710716

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
6094e4e31bc318fe20c19710de980f15

SHA1
c4321a4175e8734a4f7bdc1c27d1d839ee14c768

SHA256
42250ccbd1f88f22fc9883e1aafa75a9c7d2a83fae0c3fa021ec05f758449aed

SHA512
7af1dda013fe796faee05535e555ed681a4c96cd4392f584d529dd054007df7edfcebb0147b3c2fdac5375c2268d16a4d3ba32fdaf7c2f4138e837a955ee759f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
4d8f4d380e91acb285eaf5acda476555

SHA1
a942feca9ae8603d5b65388f486fdd0fda7b6f1d

SHA256
96ca8673f82dfc37ca56fc09ddae41ae26304f0a05910e7453dc84f1016c936b

SHA512
ddb6ba84d1ea910803a5976768d72e380a76fa3992411654c2c1f1f61fb7b215023c1ef8c8197add312a8ef81b72ed814020caf8c5e5029b2cfcf0fccf6c0fc7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
6ce0783b5d5e2f978da0471b3a0e7e49

SHA1
8f6766951cc46347f693b26359a2418c440f161d

SHA256
d52e42441f9723c5b26ba51aac6bff140de4c8cb0fcf7e4ca4ff2091d558be2e

SHA512
5441f59ee47e29bdae563ee51157f88558167fe39f3f69fee910b5bc9acc830e442a9da4447287f25f92555beb08cc658604f39b2a0b0d30d61249df8ee93343

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
d591839bed051eb650df38f059da84c7

SHA1
c70ece6a354be1457a04fbfb168a9fcbce82ad71

SHA256
18ed2d687526a9c886dba5a3d7587f3d237b50f67344b5e6bf22dc47208a7908

SHA512
769401d1e955e2d8abdff5095899f7db2971dccdf1cf3654ae9825eb5abebcb43fef56b1a10cebdf555bb007673efb70fbff630c1e25a07df3286fb1be03f014

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
6b98d5bcad8f77f523953ad8255a5cbf

SHA1
4219bec10fc6f387ce8e75e38ad540cfce111b41

SHA256
58f74d3743dfae77be8f0f6c929d1254e8406eeaa28c81f734f97e17405f124e

SHA512
37d93a3e9eb15d49bb7fe1acd76ada044de6790b4d72766e28faa4bc3b8e7d7b097297803bbeb51f533137628d87ea1d5c5d0cc720c33394a40bb7e54426cdf8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
6914cfcbd8e79c5d062ed47c5b6d41a3

SHA1
74f429bc8c7cab4687ad08206499ba97a72fdfdd

SHA256
96ae5f31dd916a5955c61c51e0483d24bf88fab00ed6790ff0126b12e38b2473

SHA512
571836bd1e4484952eb73d08d8ca41e615717eef8d20a74275025cd7a2bfd5805fcf61dbefe36ba9148687987a49986067cffb0aa93f1ae3d170bcabdf52a84f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
27dd80d898938400a2ff6f39f6860832

SHA1
742380e72e0e001dccfc545cfd89f5807627baef

SHA256
d1a3e8271d264d4f4616e93aeddc0ba4b4fa942fce157cdb53a86cb187186be5

SHA512
f2c2803316f124d793da370d1ca2bc362cf5c667a789cf963f07fbbcf7b4b1f0b1d67a4fb5ef3050e825be784ad0a1ed8004d5bb3af2ae91daaf5b84896f1268

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
0643d2e9e400da03491b22e53854417e

SHA1
dc0f82ae583d7a47c994e732ae539368cc02faa6

SHA256
f2def9d7a75dfd718dc3552e679090b72bb924bc35fa15d765959ea80e0d936e

SHA512
f130dba87ccbcafc96d753d4173760058390006faecb7302cb679022a14b81a54f724d15b1d8c5d2e5c61d588eaf57391eddcd3d742ae55d63b20442618ae599

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
0e32b7decf8fe4b1a648e5fcd98296f2

SHA1
c4f0815d727f01138b25b342e1039895bacb1732

SHA256
038b882b1b2ac686c37192a746f8b1f0af9b7a042cd4aa02a03152fe339a5a9c

SHA512
f1d17e3f16af45c4d1f470a6b2dae3112cdbd8b1c00b6cc5a23b27564a4e2980b75d36693c20ad9c0485881e2c96885ff028513a9df98f0e89ca6dd26bf8d515

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
a6478d9a9850476d2ad0a2935ea2d0a9

SHA1
45ca37144a7eb7a847cf4d62668998be9870a620

SHA256
9a40fb67fd4eee4d382747f4f25e754d12cb6960ad0dca8ea9016c606cfd48c8

SHA512
cfbc39165372b64749c1c192d45d5c6ff01263147900f273d79a3b6b9cce6401a0eeee09f2b73666094942abe10e4e9d1f8d0f285e2f5155420cd4b1545d529d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
e786b0bda4f9a9ddcad713cf2a74c515

SHA1
79544f7edcaeba6d9a3913730d5c4c395d4965f1

SHA256
0f818303f353c4e28f93a3a5360ea569cc6bfacbaf67ff4e9905a25d3288dfac

SHA512
2c85c7f71782ad5f047896a978823e39a356685ea78b04677324f838e878ab22408eded6617e3ad3f0bc38832761c15cd84f2483562993e3c76faf460aedc888

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
775258590fd269810852f0ec61f00f0f

SHA1
d72f7faa66f4026faa40f295bdda6cae5d64fb91

SHA256
c728ab49465ec0460541b0da02aedf7138e9cd0f7fe62467319c8aca174a25a2

SHA512
aaff22df8364dbffb72d261fe74e3e580d617c6bbdfc6a8a8652ec57d66b48fb09105c4e86281986e034fd3aac2ed26968371979db681957bb867675d0e0b77a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
deef370ab7633d85f64cb2660540f70f

SHA1
fe34159a654461d9b05bddb763f950f66ca1b5a3

SHA256
27e2eba2025ea939b185c3b3f3aee087c18de409f453f74f20f47bd72bc3685f

SHA512
403e4d5d663859b7c85adcddf141b31f65209762c815dd55d76fc04dbd4a53a8b20d134bcd5fec26a190ba73b14a0ce0580d23e017809fd809797fd0b58049d8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
e3659125d43375c4f97f88b518e365b0

SHA1
45cfdeb5c81784dc12ba711a102774afb0ab6542

SHA256
ac3dbfc9a7a623296133c2a2c4ed023568234dfbd24b4c8d15114bf6ab8b1d96

SHA512
49739cdec6424e5c48dae8760410f088843ee79c38d3b829980cf0d4555bf3bed0cad0a4c6ae4ebe0b447f7bba8a2ec86db75f283cbe251cc60a6b2b11820dd5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
d15969b0e9921a98f8354f3451b963a1

SHA1
218c9b95df3d1cf2fef3a3e423ff03a296914541

SHA256
dbda2c65768a037acb131109e40a7da5b65229d97d7e9cff6eb908c56ec5cb2e

SHA512
2aa63c87e292eeee9e3438d079d20964c7139600f2487d0da235237910420b1919dc32d4c9ab67a46b11faccaad8a0bbeeffec349b4813800f0c416e24de8b10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
bb093aa8fb8f32657bc843d43001cc02

SHA1
505d4abb2e6f6f8fedf824366c5405735115995d

SHA256
da83291fe3b7cc41e045349796ebaf9b13e35363a1bb80be8de9416f29d6faa2

SHA512
3d04c3d3204a418a022e9c9345b591a1b10a059f247aefd62bc109283776961236fde97bc91c9399acc47a40695a3cc64b6b3525d37479baafc9494d34ed6ecd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
1e806af7ddf44d64284acdc4139c8fbc

SHA1
1f56e6cf4a901f089be6fe78641cc1c4bae79a8f

SHA256
9a1486b966e979d00aec4331311e7fa906087bf710eb2837b1aa3be06656299e

SHA512
f8ecee2db6ff1cc2ba6dabc054ba3bb93058a32e88f931ea4f5630cc1154c642f7b88272ef51a78f256cc6b3af863727b748be26c0b42d2557fee421db948641

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7093a3d9a43f18ae0836e02077ba3542

SHA1
992e029575ca2bf128a309be11490419fb7494a4

SHA256
e4ace6a84ca8c193095e58f214d2d154703272abe311c0dd2a466a8e7a8c76b7

SHA512
6975bc3777544dfefe8329bca8dd6a1e3996116b897e829743c8346101a49c8ec956547638d5dc49fc2ed1eb1964b6748f32656f24c4ccdeb129aee28aaec53a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
bbb14183f7b2e51a245064d5b065d53f

SHA1
31f0f730a0aeb72f1debcf1e66f5e1738df0350f

SHA256
c04b6bcb6e76447d90ccc90aa09bb7fa8ead2909973e041c18a054ad945ac871

SHA512
b730f85551572228b1524e78795dd0a7a206221576e53ed5db9c74aa183921d7cd3b3dd4e99e3e662a7a0a099a6e72be41db720cff9d1a063dc5d5a2c8cf7d4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
38af46a72b5367daf77bd67b3eb87d0d

SHA1
5e8dd7bd62ace725fae093b83e7f552db8fc0222

SHA256
cc7a0f5790efde5ec69b22e4a3dc1b7fd44603581e20add86e1f0d5679ef4b58

SHA512
f831f9adf595f336f63ad903f81eafa44040bc01e0d625f4aa3f4c5d8f3fe16b071953b5ddb9290cafbde349872116c6164a4b29a3ae430af3717eea27d70fff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
d62a29ade3f7648526e98c04584d6b7c

SHA1
88ba9dc032e46e810a70f80db3fa556284a24779

SHA256
a74797b90005a360edfe5000c0289c2918f8324e7166bbbbcce5ace6d726a3cc

SHA512
4542024a72674439c3b318fdf72e44cfacded500f31e678225c2389692be3dd4fdf859850a722235d310aacc2b7735b012e82deba196ec50746726eaf62000f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
fe14e4e62c4a658b7b2f5ad39ec22fbd

SHA1
bf4d1aebc654b62638acbdc979a3946b425b457c

SHA256
50f6649573c03bb85637d87838b69f3c6089ba82f8c6d30ad486c87c09e92506

SHA512
e339947bf335e08790b769cb6007220a9512c4eabde0536c29266296228340b6ecc7c3838030a36ed761fe6a9e9ab7f2bc57b895616171817284d0c0817b6970

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
11KB

MD5
517e095f982793ccfc4075e7dc9f9e2c

SHA1
0c0ad3606fa5520e4f02a57bb4cb74225d3e82ce

SHA256
33128869b87217533c55b9bdf902592aad2cc205b4ea819f416e9528a3bcd4f0

SHA512
1a9d174edb1241ac71920fc820afb25a2c2cfca3a8b85ba43cb90dd9d46bfe27eddb80d15453dc68c62810bd5d3aace94a09936146d36be1213673e8353c96c6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
441766b7cc10005c8dd047a5a0021705

SHA1
f50562df2d0befffdae7a64ebec7cdcdc2a87660

SHA256
c45ac6bbcac163c3d09021b88aa07e7d4c826888dd6a1ed1b8a87507b035c268

SHA512
f6c48f2f408757de005e21d6cb2fca44deec843e873d452768c72df80999dbd89053768024335640587cecc2d40cdf2506870f112b7e3f414855658ffa4d5c95

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
7614cac62f98dfc4a3018a05eddfced3

SHA1
25df2d2527330bd53e9be9a7e5a78d7c9b746078

SHA256
d5c3095014f9880e9ae9806689864b78865fe97103cbe517a2dd8cdd6a599979

SHA512
adcf3201e841c5698e3098fe4fbca0b40226c4b7c564b0345676e28553c60b0fd8adcc9228b6240ab02a0736780aa5224bd493a5b771dd85c5b26eab1c0e5ba5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
f7f41f5048e0cfb11c1e653280bb3fb8

SHA1
3e34183b7518dd559066cfc24f3fb08402a1ef10

SHA256
a085e9db890d754b79dd8055ffc05014455e30ffaba533d20f0eabf4aa167a9b

SHA512
c567d352391d35efe9f4f8a0f780ba4f9159b1d51c21c3009576c9a7b9ec7b1ffdcf4c4219a4b6b5fbdbb3462cb65b40a93e4692ae8a36239dbf46edc808a29c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
e2027072239d05167caafd32255133e1

SHA1
86416817064d0f63a95e0133fceecc30f1c5b4c0

SHA256
6c71c56da5fc4a7d7bb7d164da77349710ffe4bea1dc683d41e2c26f1ebfb275

SHA512
095006b9234d7ea5a34b35c988b1252ce56fa05d33b9011838f3938f7b3d3a9c6c3bd086cf5ef4b4d450245bed9aeda4f30e7ea4f0d4ae7b654a4b8b2b14bbac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
5cb4594ec8f26d95b1e88a4fc005b2bc

SHA1
804a2cc10368c87482bf6f9662bcb05dc7c9f4d8

SHA256
2ccee356f5b01f6a53186c7b71867ad906f9511f20d4ee1d2003224997cca1d4

SHA512
51e4b303f7be7a7b2c274305b9a5239972aaf12e3d4ad1636037f22f86b1b3b6f0a4f2693b5b44783c5816ef0cd7a05f837a629aae5202dfdc2f68372a8e40fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
e84247391c8018e60e62d31598446a9d

SHA1
5fd8563981cb04c3afe497e573799e6f58ae1b77

SHA256
4c2d695faef8ff68582846ccfc92d9b82b7462aaaf7289070e64d47ee26dba45

SHA512
773ae6f6f5cc2c6ca519da8a844768faff3c8af572071bfa26f632d2d1055c8b20ba45f908abf7e0bb45d4bb9e4ff741c1a8e3836f3665e400e985ec73ab05f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
495ac5992584d852871da8c0235e0818

SHA1
b2c00c1e420136293cef557833f4dee44b5227fd

SHA256
9cd50b238ef8070059c5288ab7661696207ff304f2c08baf42f0bd0bcd64972a

SHA512
425811e00166b5d0e545dc6bb6c9a489467a202bccb3b57c47d491a0267241d97d29f8ca4cc3d9da1a516eb2392150828c5af644755e3e53e13115e24dec6fc0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
10503564f5176eaf55be05ea9b0df141

SHA1
9fa1ff91671158136419913b67e17e8c299d5b3d

SHA256
66876a9ed3b79084bb03cbbf1ecf1b087c647f995e620e49f20c0c5806e2b379

SHA512
6f954ce70d530c6073f3160376618d3610d3baa43625311c6a23982b2705164c0134d0fac53e13f7d0e0d906bf0caf81f2b33e2947c85f3278fa942d534ee487

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
f5b844fc24de00258eb66a15b21cc359

SHA1
2b04a3da8c7328c6d9d165d41fcee402c969348c

SHA256
a82486c14806cd4c93e24492d7b4929e017f16cf693c2058338adc022ed42637

SHA512
f2e0663b81fdceea5772b34c5aaa1d2851fa1611a814df10011aa92f95ce2c5d624c7a9eeec45f8622c2b526dfd4faa8f11a3726b9ad7c9a34918f47c1722cc1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
1552cdb8743261011748bae3b0e484da

SHA1
62882ba09d1fb71f077737d1852bfe01498d6f43

SHA256
b324aaa25f55d796ce9067ce426d91d08fea32dc7cea467a2a463576c8218e0f

SHA512
a54339665bcb1658c8fddad2cb096384e02dc69187a8319e921fa20214fc4f71ffba26b788baff7b0b4d3ba2b029e9e9fbb0057e35af780f2bc45de2430e17cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
9be430df62bb9176222132e3a2409d19

SHA1
1ed736abccbd5d5f6f4c7b9bf3b7ccb9b4d5b487

SHA256
46d0bc94f88c448d0e5d04cd95c784f89ff05ecc60e911066704ec7bdcd3edc4

SHA512
c4fafeeac8170f7442d6b7d89bd530f4366e34fcbe28ada7f34e79d8f525237f7a087f8ec00b7d8dae056ed9b57c559fee36d4e666f706705d5de243e8471780

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
de66ff9646898d516bfcb7c9919c1c2f

SHA1
69b96ae9230ef46b2ec593893fb5b84ae0eb1c44

SHA256
449ed327faec019a7f1818a1b9599209f7f46ce4762f4413a9a44bfb1050ac78

SHA512
5330b9e255f05e258022232d5f3ef690bea4baba681d287af4aadcf9633a813f3f33cc83a3ab66db13109ddc22888c10b9c6b92aa61b9bf0a20f72e071cefc9a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
873B

MD5
cb6927c2d77cd4969b040e8e40d23197

SHA1
6d31e58a445dfe45855e06e9ece8427533b16d55

SHA256
372eb67146bca8b082db11be3d4d8eb42526a7a8b436736816e61bb6328c55ae

SHA512
20c558b050e004f3b25a003de9ada635d025de7f5820fe20fda8b2279f2cd7abff7e3c06a8b0372a1686831e5d96ec563f3cd7ce934f181050151c7684faf7ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
8f78c20da2668f9a52f206ae025c6ecc

SHA1
5734bc098e568fb69a8d69cf36781248b7ccbe77

SHA256
8df4fa3bdcfcaafb46509c0084af24f66fe0c466e87ca664800914f1cc5bad25

SHA512
4f991085ca605c00849392f7eac35e2abd97461158faaace3cfa1deee25e3d5faf1f94046ebb8608c50ee94bb669e7b46a07835b18be7eb7fddc7c124681df19

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
0d46718c9a929b50ea484f07727d7645

SHA1
76d1786a3cdc0792a10f605701032b4a446184f8

SHA256
738f476566cd1cf5a086187b0f4e8cce7fdbd90a4d9f41576c3149b12e410471

SHA512
84a89edd825255e11f25ddba3715264e4089bd729c4bebf7ebe138db97a11e770b12dcaeb9b728fca46ac16807eba601598912eda5e4c58372ae45018e92c6d0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
9c3c20d04591cfcf49cb37ce2da7e4fb

SHA1
c801fcbd34c28767521aa1e56f8c947f67daae79

SHA256
8a30fd867d4cc012611ce76ecae81c4d1e19d28cc48b1f61162a40134fd3f4ad

SHA512
b4e93ed4aceb1ab5c42c3a55e0bdc0cb3c45d33c0d78e1855c1353d81a169a57b0c8e86666f089f863f0dab04418423a4b73763ec1e09e76546c40193d4e9313

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
afd4348dc57ac3519049e9a2ff68ca9d

SHA1
118370c639771e5cc19b56cb0daa9aad828cae46

SHA256
117a274a12912c792a87fcbd63c753ffc6188696228d811d2dc69de3eff274f1

SHA512
1a1aa6f654b73bd8966f233ee6f8f058876920f0969c479731f9820293cceab0e24391a21d1624ea72e2c805476db83ef745d51ef40370170c6198cb7d590111

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
204B

MD5
297944e59d5195fd2eb7a6b7915a0597

SHA1
56fed61acf0b8df607dc41e97a9ec21de69a19bf

SHA256
0829778a202fbbcf5d05a2b4e85ec09c5860549bafc49c821ec60c546079665a

SHA512
0b55fcf592880fc739dc506f1e2d58292acd2d5c37c4211c1da589e47cff0fe2fce820b06962cc95bd3ea7c23280cedbbf1be5fea44c990eb89d9afd6378cb6d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
7f4b9caa5e4c6d845e9b6fa1bd876060

SHA1
ae2b90eeb8dac1587acd708dde0551858f287522

SHA256
bd3da8334b2d323a82ca0b0b1e714322c3f3c630bff8852ad888cd5502ae10fc

SHA512
c663458bd81cdcfa5c3d7e9042babd51b49629c63e84528579ed8022c5b10145fb535eb63d1257798fddfdbecff71223a8a328d6903ab97a36bbe9066969683c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
873B

MD5
900ee39a4659a69406fd40b13d6f1693

SHA1
84053d7d1e970a8ee94becd6c9205cd8aa590a8f

SHA256
091c19da57ae6427480aa8b2e808ec69cad35f1f15b40696f4b847ea83513648

SHA512
ae3061eabf206dc461f299e5a77bb737bcc93cf650a05542e8ec63537a6306e55935bfad3b20c24e5166f82cbd684b9c0db348a94decfeac2d1c80f7363b5c58

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
b6c4edd39f11d77ec5e5fd1735e1ed57

SHA1
765de4f33076e34ea2765b4a3f0a7420296500d6

SHA256
dcce4345c27e5b35db6cc854356581a54bf0f0c7f28eb6aadabb94e65ff22c32

SHA512
83106b9dd15ddc06ebd25d287d241814234f69b525456a9441aab4d912b9920378a9f61315c541919c5da4b46b113be459fa7f431f5b6d4f96fa60ba871b8f6c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57de1b.TMP

Filesize
204B

MD5
3a412339b31ad49e86d0ebf024c64bb4

SHA1
0d2c60cb7259938b85ead49a91d15950b761d356

SHA256
9d472b32ae7162cfe212004e407e3a3160b2f942a225e28ad863ce30946c1276

SHA512
d10e7062f30da7f201e7845a937430aa545a9f639f7b2994add876c2bed08ac8f0b1267a79b1790eae447fd615fbdeb7905f81f0f861b68d8ed788d19c607ba9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
32f3c7cf2be714eb4dacbb05ce058d53

SHA1
c5081711b93b892447b86dc2b71cbba88b99de2c

SHA256
5edbb8525e33b5c72f3383ccda9d2493c53d327155abc9a8903d782105485655

SHA512
ae349cf6478a1d0bfbee241e034bc11a7020a4fd06d15469a6d38f992258ee2fcfcb5e1ac6cda8030c39e3c7b7987a6fbe7e8ac011a8005e54ca7a8669102d99

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
252b39ed54a6cc4726480297db9d5d9b

SHA1
db0ccfbe21da9ed450f6dcd8d992e1157f9504af

SHA256
50298d5c4c48fba4c24f3ee168119c19f1d79a190a07d79ae290c5884051a5ac

SHA512
97ecbe1a80573fc97d8055482b8ebec2297ac80cd91e69c745e1166090d647ba822fa0fe1aa94acda95bd8e7d81012ed167ad99e2865ec57ffa74afa79aa606d

Download Submit
memory/1616-1616-0x000001BA16490000-0x000001BA164A0000-memory.dmp

Filesize
64KB

Download
memory/1616-1632-0x000001BA16590000-0x000001BA165A0000-memory.dmp

Filesize
64KB

Download
memory/1616-1648-0x000001BA1E900000-0x000001BA1E901000-memory.dmp

Filesize
4KB

Download
memory/1616-1650-0x000001BA1E930000-0x000001BA1E931000-memory.dmp

Filesize
4KB

Download
memory/1616-1651-0x000001BA1E930000-0x000001BA1E931000-memory.dmp

Filesize
4KB

Download
memory/1616-1652-0x000001BA1EA40000-0x000001BA1EA41000-memory.dmp

Filesize
4KB

Download