hxxps://catsandsoup[.]page[.]link/29hQ

Analysis

max time kernel
148s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
29/03/2024, 01:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://catsandsoup.page.link/29hQ

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4680	msedge.exe
4680	msedge.exe
4960	msedge.exe
4960	msedge.exe
4916	identity_helper.exe
4916	identity_helper.exe
2576	msedge.exe
2576	msedge.exe
2576	msedge.exe
2576	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe

Suspicious use of SendNotifyMessage 26 IoCs

pid	Process
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe
4960	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4960 wrote to memory of 2776	4960	msedge.exe	85
PID 4960 wrote to memory of 2776	4960	msedge.exe	85
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 1520	4960	msedge.exe	86
PID 4960 wrote to memory of 4680	4960	msedge.exe	87
PID 4960 wrote to memory of 4680	4960	msedge.exe	87
PID 4960 wrote to memory of 4676	4960	msedge.exe	88
PID 4960 wrote to memory of 4676	4960	msedge.exe	88
PID 4960 wrote to memory of 4676	4960	msedge.exe	88
PID 4960 wrote to memory of 4676	4960	msedge.exe	88
PID 4960 wrote to memory of 4676	4960	msedge.exe	88
PID 4960 wrote to memory of 4676	4960	msedge.exe	88
PID 4960 wrote to memory of 4676	4960	msedge.exe	88
PID 4960 wrote to memory of 4676	4960	msedge.exe	88
PID 4960 wrote to memory of 4676	4960	msedge.exe	88
PID 4960 wrote to memory of 4676	4960	msedge.exe	88
PID 4960 wrote to memory of 4676	4960	msedge.exe	88
PID 4960 wrote to memory of 4676	4960	msedge.exe	88
PID 4960 wrote to memory of 4676	4960	msedge.exe	88
PID 4960 wrote to memory of 4676	4960	msedge.exe	88
PID 4960 wrote to memory of 4676	4960	msedge.exe	88
PID 4960 wrote to memory of 4676	4960	msedge.exe	88
PID 4960 wrote to memory of 4676	4960	msedge.exe	88
PID 4960 wrote to memory of 4676	4960	msedge.exe	88
PID 4960 wrote to memory of 4676	4960	msedge.exe	88
PID 4960 wrote to memory of 4676	4960	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://catsandsoup.page.link/29hQ
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff01a446f8,0x7fff01a44708,0x7fff01a44718
  2⤵
  PID:2776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,8663562027609110780,10840407764546710545,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
  2⤵
  PID:1520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2040,8663562027609110780,10840407764546710545,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2040,8663562027609110780,10840407764546710545,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2636 /prefetch:8
  2⤵
  PID:4676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,8663562027609110780,10840407764546710545,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
  2⤵
  PID:3488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,8663562027609110780,10840407764546710545,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
  2⤵
  PID:4480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,8663562027609110780,10840407764546710545,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1
  2⤵
  PID:3676
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2040,8663562027609110780,10840407764546710545,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5360 /prefetch:8
  2⤵
  PID:4420
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2040,8663562027609110780,10840407764546710545,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5360 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,8663562027609110780,10840407764546710545,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5336 /prefetch:1
  2⤵
  PID:3372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,8663562027609110780,10840407764546710545,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4824 /prefetch:1
  2⤵
  PID:4800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,8663562027609110780,10840407764546710545,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:1
  2⤵
  PID:2488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,8663562027609110780,10840407764546710545,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5284 /prefetch:1
  2⤵
  PID:4688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,8663562027609110780,10840407764546710545,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4748 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2576

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3004

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4632

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7740a919423ddc469647f8fdd981324d

SHA1
c1bc3f834507e4940a0b7594e34c4b83bbea7cda

SHA256
bdd4adaa418d40558ab033ac0005fd6c2312d5f1f7fdf8b0e186fe1d65d78221

SHA512
7ad98d5d089808d9a707d577e76e809a223d3007778a672734d0a607c2c3ac5f93bc72adb6e6c7f878a577d3a1e69a16d0cd871eb6f58b8d88e2ea25f77d87b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9f44d6f922f830d04d7463189045a5a3

SHA1
2e9ae7188ab8f88078e83ba7f42a11a2c421cb1c

SHA256
0ae5cf8b49bc34fafe9f86734c8121b631bad52a1424c1dd2caa05781032334a

SHA512
7c1825eaefcc7b97bae31eeff031899300b175222de14000283e296e9b44680c8b3885a4ed5d78fd8dfee93333cd7289347b95a62bf11f751c4ca47772cf987d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
28KB

MD5
314cc756e40e073b9b524d36918c60d7

SHA1
4227b30894692562272e75913b832d62f03749f3

SHA256
1cc5e91639e8a1bb1421376ce8accfc366f1a80bdb209221e3e56283020c89f4

SHA512
f393e51436919305c4df7df7504983a5e9be654e85ae0d10d2ef1864353125504e09ca46ff6fafc7719ac3324fa40d08044589ca093b9d1f8e004e1a0b2255ff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
34KB

MD5
ee22032cd597af4da62a98ac00fb0ac2

SHA1
0eb176bcc9bd196a319cc3782f47b7bcf6ae6a1a

SHA256
9a798097b189f4fb60417bbc4e5ac09ce00cb8e29e703adf05232b94571f02e3

SHA512
d12c379641c489a732f5a8d2c66bf0d3e7433872b6893439c2bc80fa2968dcf36e9223f558eb42fd575dd7fc1255d34324e9c1b95156f8f427ebeb1b41574441

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
41KB

MD5
3536ed102de6fab07aeaad56322c1913

SHA1
4bd8b5c0feea3961c11d7ec524dce6b32f9588c6

SHA256
aaeb6a03e7a3cfbb17ea4c9c778c38ae5b7bbf2c89ce5f449c0ba175d120a9c5

SHA512
531c278d1d327d4814a2fe865b8e36ff065554f02f8d3ac574544c85a0fdc7100ebea64510c0a89dccd2189d8d0a71e9ef71e9eb44713bf0ca255d4da0649cff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

Filesize
24KB

MD5
879a15dbef38451d4b88e1fc3ea5b9b0

SHA1
124266578626ec773319fd3ba487d027e23d66a6

SHA256
aebfd7fc53956f03571b4e557da761ff07174843c8ed3811c0426c1c1c1a43d1

SHA512
3ef75881174c0c0c34d9564e03ef28c02a2e248352da3e8d5bc3d3d099d5fdd590f45263c0d4be3ce7e86f59c768e2760f1ffe38e892ea2b696ab1f0be7afc46

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

Filesize
36KB

MD5
9f3654d116592688b5c6796a57462a4a

SHA1
e0679e9b1a9ba6bfcc3edf590e781a04b6caa07c

SHA256
2f54f342f830f0716554e3b345b69602ca424301330620525d7b559232c4ea6b

SHA512
fdde1145bf01d286d3f3128f9c0b95c83382cfe1800212e5843094e2bf1178925c46dd054daf83c405b8081b6d9ef44ad807de2e611330ed489844db84d17e12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

Filesize
36KB

MD5
92a8a82da8cda16772628d0e4bcf16b9

SHA1
12400d6402dade96ed9848baba5cff65fd707671

SHA256
c73bae03971c7670a7626359ec9e9acdd5044e2732de2f203ab22864e57ebc2b

SHA512
a30a99b9047bb79dc3fcb215643980cf34de48d16354c0269846273318b6d40091cac7ba32a14a1a2f6765bb9052b3d102f94b31f2679a9f99335acd63b59562

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

Filesize
44KB

MD5
e733fd07a98960a28d687f2eb8353a90

SHA1
710066152d4f995465e18b28369e41f6f0bdd201

SHA256
665bd8cd6c69bf8b4459c29b4edd818edcdaf79bd79f6c2ab57a79d86d3a58d8

SHA512
72c5649fd8a0a9df034a4c0f5c881235bf1f6436f3e7bc9681e9adb6e2d66681ef85c6f0ecd8f7e0ee1eaa4074b1568aa0c2d70601336f3a751581d2d01a38e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

Filesize
436KB

MD5
348a0c4fc5b4ec2c3bce2d7e3a925a6a

SHA1
cf73e9eee3437cbbf3a1e18509f99bb694b40529

SHA256
59c610b8725d85911938512f9619be4ad8bb3676d64b7cd888ce4d9d341be3a9

SHA512
a2900997942ca188029378887b1d1f5929ffdfc5af2257c656664e1c75b1a7998b1242d822bc3a41f13d4ee5a71a56a24f6a21c14466b1d855d3261eed114694

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

Filesize
213KB

MD5
9a798901033e7736483330001dce98a9

SHA1
14de8bb8e4e42c22a8dea8d9f8c878a21356c026

SHA256
7df0462f97bea7c8b9f8ae7f2f3c0486b51a07f7a98be1825111a4dcf62a55ea

SHA512
d357fa0efa61cdb1531be38f8593967ee8ee5127ace9633c8cdb095b04cae3c9376f36ab1f1d4802a05661a14c35f9ecee8457c47bc103c765523f6a77b33558

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

Filesize
198KB

MD5
cda68ffa26095220a82ae0a7eaea5f57

SHA1
e892d887688790ddd8f0594607b539fc6baa9e40

SHA256
f9db7dd5930be2a5c8b4f545a361d51ed9c38e56bd3957650a3f8dbdf9c547fb

SHA512
84c8b0a4f78d8f3797dedf13e833280e6b968b7aeb2c5479211f1ff0b0ba8d3c12e8ab71a89ed128387818e05e335e8b9280a49f1dc775bd090a6114644aaf62

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
480B

MD5
3b9689ea497cc59f624cdb54d7f99445

SHA1
018af0d28d42c82bf583fecb8b1fc503d4138be1

SHA256
99f9c3d26dd2c8994416296a80382dddb17f63796ff55ba6b0fea419e1e61dc8

SHA512
5a400c9359697e707bb91d4e83f48f206073364085cd4c086c312107cf0dd932a3c9654ffbfd4c97f7684cd23ab9da84bb4e6a47515feb1c3e646eefb9ae740c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
a6b6ab3eb20dd54e9c0ca084d5182d97

SHA1
b8696ceb79fb71df8926f9f48eeb6bf687a3feb3

SHA256
bada0a93c9bfb2210e3f0baf2ab5d936301bd144a8b2882649576521616929fa

SHA512
1523c6e3d9d08cae0fb78500a0212cfc118d787a78fb6292841cf92d648e01229c6d92b85b504209b748966bf7a7be0a36f98f633d87721dafc278c1aa307ccb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
538e4d2f9a5cd9a404ed4a164af33ac0

SHA1
fee37040d86485a956a0afbbb3d450283de05bd6

SHA256
b4d05c122033ab9c7a6acc704ccd653ec5e73fdd67e57b78e5ce63851a9f5b0a

SHA512
48c325db78bbed612f2b1d3c1662d2716c837e3707f1a4a9234910124b4b37b63a584dc6aa5000704ee27bdd05feb0f67ed084d844613ff41e9409c6e3821343

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
077c302c4b98ba6b4548c71733fbd1d1

SHA1
bfbb7e8aa00f7733f5136c8005cae40f3057ef7f

SHA256
aa9cd1594068273b1af7234ce4a5382c04a74efe29f7d1aebbff1a14e2f78bca

SHA512
6724e76be86a5ab0a17dbadc29241c120d65b4862827bbf72ec34947231e00bf91b6e48f10f5674752a8758ca49657adddc1d3a9394e9e99eaf7ed3cdf821cb1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
ea02cdc807cf03f064ed159e4d8836a1

SHA1
c4cfb3d35a4a0cc420853afcd91c44e9ec55b98c

SHA256
83d5bbd76ab3aae1ba9ddd36f25006b336a750414970d62d60caf3d967c02ec9

SHA512
64b5186c26a3d6edbbab080b5890636fea465aa0977c0278286ae4fc646b13ac7d144eccb10692c78ca72d5569e2bdff69d619dbb0611b1b9a3dcc81c147b24a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
08299974e156df6761ffb686987023b8

SHA1
caf38ed5f71bcca11517b2d3431de03be3bd8c70

SHA256
f55fae2c39292400a1c87867729d4103f879eaffdbc8c42e196cbb4ff91ff223

SHA512
b24653f3fb6a0bd31edba627431b33fe9eab83663eadbcfe616fb20dc707290a7b31fe4e4849ef74c95de843a7498950304cc2827b7f47047991f8c66c87c935

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
705B

MD5
cf33069832f677caef70ee5f35252979

SHA1
5a16d2d8268fedd87c54781e70a1d78933c925f7

SHA256
f4f8c5bb1126e539d7f30d7fc8f397a93750166702f7baf870c45188553af188

SHA512
f35203cba06c990fa3edf51a9c64e5bb3c3316015e9261eca8d908177546c1114394a3f2d1a2f1f22e11cf1d80bd6b3ce27d5c0a247f1a03d8f698d809cd7f76

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58753b.TMP

Filesize
705B

MD5
d21a17144f3dc8b526e8c299e6a1c71c

SHA1
720acb6e147bfa75a54fea420de67db917726a84

SHA256
f19aa996c57dad71f31d63b6e2dc9b7c7e511a8b8c914ef22a98ff226f00b535

SHA512
ed27847cd0179f1423945e606a1ac4c655a58e8483822a46c6d944362d8c04ffc32d93b245b4cef9c8fdce7afa9e23763b0fb2abcbce900ad4b633769c541822

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
86cc3c5f1aeaf80560719ee6255dbf49

SHA1
0ac75ac2b134d820c2e28ae39e8c1204b3390976

SHA256
19868438110bf0ef80048c9dea0a0ae3d667051537db61a8806bb6d03ef3f34a

SHA512
9e46dc4f751c6444646fa398cb0e9dcc0c0d1164a2addfbab98f514011cd11d89536a08e80f270069a87b0784a4f919690c41b8ed1e2c10896f45616d25c161c

Download Submit