hxxp://nonews[.]com

Analysis

max time kernel
960s
max time network
965s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
04-04-2024 19:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://nonews.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-275798769-4264537674-1142822080-1000\{BEE719D8-9AE8-4668-83EC-FC7D6D5E7924}	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
4292	msedge.exe
4292	msedge.exe
1308	msedge.exe
1308	msedge.exe
1796	identity_helper.exe
1796	identity_helper.exe
2888	msedge.exe
2888	msedge.exe
5996	msedge.exe
5996	msedge.exe
5996	msedge.exe
5996	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 20 IoCs

pid	Process
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	3104	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	3104	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1308 wrote to memory of 1916	1308	msedge.exe	86
PID 1308 wrote to memory of 1916	1308	msedge.exe	86
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 5012	1308	msedge.exe	87
PID 1308 wrote to memory of 4292	1308	msedge.exe	88
PID 1308 wrote to memory of 4292	1308	msedge.exe	88
PID 1308 wrote to memory of 2128	1308	msedge.exe	89
PID 1308 wrote to memory of 2128	1308	msedge.exe	89
PID 1308 wrote to memory of 2128	1308	msedge.exe	89
PID 1308 wrote to memory of 2128	1308	msedge.exe	89
PID 1308 wrote to memory of 2128	1308	msedge.exe	89
PID 1308 wrote to memory of 2128	1308	msedge.exe	89
PID 1308 wrote to memory of 2128	1308	msedge.exe	89
PID 1308 wrote to memory of 2128	1308	msedge.exe	89
PID 1308 wrote to memory of 2128	1308	msedge.exe	89
PID 1308 wrote to memory of 2128	1308	msedge.exe	89
PID 1308 wrote to memory of 2128	1308	msedge.exe	89
PID 1308 wrote to memory of 2128	1308	msedge.exe	89
PID 1308 wrote to memory of 2128	1308	msedge.exe	89
PID 1308 wrote to memory of 2128	1308	msedge.exe	89
PID 1308 wrote to memory of 2128	1308	msedge.exe	89
PID 1308 wrote to memory of 2128	1308	msedge.exe	89
PID 1308 wrote to memory of 2128	1308	msedge.exe	89
PID 1308 wrote to memory of 2128	1308	msedge.exe	89
PID 1308 wrote to memory of 2128	1308	msedge.exe	89
PID 1308 wrote to memory of 2128	1308	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://nonews.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x108,0x10c,0x110,0xd8,0x114,0x7ff928c046f8,0x7ff928c04708,0x7ff928c04718
  2⤵
  PID:1916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2264 /prefetch:2
  2⤵
  PID:5012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2316 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2748 /prefetch:8
  2⤵
  PID:2128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:2304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:4776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2804 /prefetch:1
  2⤵
  PID:4184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1
  2⤵
  PID:1092
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5448 /prefetch:8
  2⤵
  PID:3444
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5448 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5504 /prefetch:1
  2⤵
  PID:4532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1
  2⤵
  PID:3096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5796 /prefetch:8
  2⤵
  PID:892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5556 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:2888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4668 /prefetch:1
  2⤵
  PID:2456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4744 /prefetch:1
  2⤵
  PID:3788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3548 /prefetch:1
  2⤵
  PID:5040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5888 /prefetch:1
  2⤵
  PID:5368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4796 /prefetch:1
  2⤵
  PID:5376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5076 /prefetch:1
  2⤵
  PID:3592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5972 /prefetch:1
  2⤵
  PID:5172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1
  2⤵
  PID:5592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4740 /prefetch:1
  2⤵
  PID:5732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
  2⤵
  PID:1968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5280 /prefetch:1
  2⤵
  PID:1900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
  2⤵
  PID:5396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5908 /prefetch:1
  2⤵
  PID:4152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5312 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,7537812221435725879,1142116526640968801,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1
  2⤵
  PID:4636

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3588

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1260

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1260

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x464 0x46c
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3104

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f35bb0615bb9816f562b83304e456294

SHA1
1049e2bd3e1bbb4cea572467d7c4a96648659cb4

SHA256
05e80abd624454e5b860a08f40ddf33d672c3fed319aac180b7de5754bc07b71

SHA512
db9100f3e324e74a9c58c7d9f50c25eaa4c6c4553c93bab9b80c6f7bef777db04111ebcd679f94015203b240fe9f4f371cae0d4290ec891a4173c746ff4b11c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1eb86108cb8f5a956fdf48efbd5d06fe

SHA1
7b2b299f753798e4891df2d9cbf30f94b39ef924

SHA256
1b53367e0041d54af89e7dd59733231f5da1393c551ed2b943c89166c0baca40

SHA512
e2a661437688a4a01a6eb3b2bd7979ecf96b806f5a487d39354a7f0d44cb693a3b1c2cf6b1247b04e4106cc816105e982569572042bdddb3cd5bec23b4fce29d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

Filesize
27KB

MD5
d6f862353c2433098d82725f90a0e280

SHA1
55ab2e7e58fd35c99aec7fb52849d866eaefc438

SHA256
719a5b617534fb3a811c51a999f943911439fb43225e3a38a79dfb9c0ffbac38

SHA512
0de7c8478de4d63e2d49e834c5ddc7e6190dfa851b46914f32adc392c1b9e22e6222c01950738985b44612b65a8cdfa6ddd99e77c49e1d6b9257c63af974b178

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

Filesize
63KB

MD5
6ed14489578afa5d9c5ccd488dabb494

SHA1
790c39229938bbff2d5aae097a1fc6326f76ff57

SHA256
847106a38aa47f5c87982c11cced1bcdcc236027520247894dfecc1992b66d2c

SHA512
ee7003a70714e7ec3c0eb179ef5a107d4e570b51db4d3f69760469e4112bf72246841289158e219ea9420f85425dad064bfc3bc1cfef68a4531eb8930f244cf7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

Filesize
75KB

MD5
185c96e35e414eb3f4704a2677a37c52

SHA1
7752c45f6ac8e29b9028217d58331b02748a4320

SHA256
8f66ba699e3b1a0c933a56aaa385db335c3ce2a10185246a2611f653f50c5b9f

SHA512
4df8ea54626ea3456983772647596765821a4504eb108cd9710006b0197434598e910fc64561d0f00dc2b27365eb7b2310e9d6e986f89d2b58ec0c42c09c4ccc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

Filesize
94KB

MD5
59e79531003113435a810569faf5e503

SHA1
115fa7555723c330ac05d35079fc36a9a162ea2a

SHA256
2e654170c4c0f82b1aa8345c2da6633c850e132c8d5c6370e791bc74d2dfca1a

SHA512
afea0b2198e2abe639fdb9143ffa832fbcc7a120ed4cf51a556c92fa8f4da68fdb3e3ce1e82f542d58b14bf6f634b5c76a56df0ad8194bf5fc8ba8c35816f007

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000068

Filesize
60KB

MD5
5d061b791a1d025de117a04d1a88f391

SHA1
22bf0eac711cb8a1748a6f68b30e0b9e50ea3d69

SHA256
4b285731dab9dd9e7e3b0c694653a6a74bccc16fe34c96d0516bf8960b5689bc

SHA512
1ff46597d3f01cd28aa8539f2bc2871746485de11f5d7995c90014e0b0ad647fb402a54f835db9a90f29c3446171a6870c24f44fb8bbb1f85b88e3ade9e0360e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000069

Filesize
29KB

MD5
f85e85276ba5f87111add53684ec3fcb

SHA1
ecaf9aa3c5dd50eca0b83f1fb9effad801336441

SHA256
4b0beec41cb9785652a4a3172a4badbdaa200b5e0b17a7bcc81af25afd9b2432

SHA512
1915a2d4218ee2dbb73c490b1acac722a35f7864b7d488a791c96a16889cd86eee965174b59498295b3491a9783facce5660d719133e9c5fb3b96df47dde7a53

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006b

Filesize
21KB

MD5
08d22b7b5d3d16b28250c2c845ccfca3

SHA1
4093b14efdcb04208a0b9630bcf258813f087ff0

SHA256
aa09076eac69e0ff314523e731b03c77790a9b87dccda6ab406913fb2b56f374

SHA512
747c131ec0378273c77895258ad21218069d2cc1328773a3c0c707d9f2bc64647338f453c518a7cb129e3d4fce9fd64105383dade0b98c0131222f9b41b9e666

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000071

Filesize
16KB

MD5
48c80c7c28b5b00a8b4ff94a22b72fe3

SHA1
d57303c2ad2fd5cedc5cb20f264a6965a7819cee

SHA256
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356

SHA512
c7381e462c72900fdbb82b5c365080efa009287273eb5109ef25c8d0a5df33dd07664fd1aed6eb0d132fa6a3cb6a3ff6b784bffeeca9a2313b1e6eb6e32ab658

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007a

Filesize
16KB

MD5
ea8233ce8189c2dc277f5f4236e09a70

SHA1
3fb07896af74a180265739805e5df5629d7fd4d8

SHA256
0e575f86e2ccf601c04bc27a738d454529c6b1aa1dbfc94c1f365c6b4a374000

SHA512
ac042714c62b1bda4ce681ddf74494fb8b100ab37c1ce51d9f6816abfc073a7765aad1f0575fee51acbe4dc04731efbc9175c9c50f36cba75996890fa7554322

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007b

Filesize
16KB

MD5
2d43e1ce03c4a3c35dd435924371ad93

SHA1
be0c21181e1cce89ab7e22a694bef77a1d7aeafd

SHA256
1d6657667332c864c363adb8e1c77ed87e80d58eca1773883b7c8684d4d8b1d4

SHA512
8edaff0147dd4472740aa12af1fd6a08305edf42a9353a6ae27383b148219346233c5aa48015b3c7f99116f9097e95722c0a5890046e07a15665644fcc825b89

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007c

Filesize
17KB

MD5
c915834d2c04adc5191c9b754bd8d863

SHA1
bbae8b7716c6886fa19f2c04c268d65f60376637

SHA256
78d0ec5f7a8acab4fe75dd80daa27fabcb91cbee04a8bbdcb2c262710918e2fb

SHA512
59aec76d46d763f3d19dcbeb12538c8bb3befb4e4916811c2d4bbfb77d5e37b1f96b7ae9a4408a014711359075f0530620dd5d380827b243307ab46a567b9d91

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007d

Filesize
24KB

MD5
b2b2c6c69c3280a209a008a65e9da436

SHA1
f0735f32c0f7bbcca3b9da9d6029c1f6b0daaf14

SHA256
5392af195e272c4d17bd7eca20ba0c9f94385a97429a887fc3ec4dc1d237cc37

SHA512
1619efc9d8b51f97bcb8db868fc02dc20b9c6d5ccc1a6311386f4dfa3cc46a6dc86f83c6be977ed753c3163ee93e78a8da93394be625e8480a7341651aa9628c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007e

Filesize
18KB

MD5
f8655f237c7844d3a170ada58b164f83

SHA1
4032e9ae25330c6038358b5172f91413b184c36e

SHA256
1c00ad8e2dcd5ee3a13f2884a949a7b8146b555599b4b4dfb2e39c0ffccf9f87

SHA512
ef514aae104499965c0fac5e06b92a1dc7ae69150c0896296d39666700c6710534d6a1ef6087f81723662aa8047d0ec611dc435ba65a66a2ad1f8b3718f398b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007f

Filesize
16KB

MD5
785e07c2ea92b028d135b85cee68379f

SHA1
ce6d07f84acd9d09ab36f7e8879e43de28cc0b80

SHA256
1bc5e6fc3f7a46c1b3ea82ae24d338d693d8bc3df2cf6060c4999bddbc6ef420

SHA512
bf8cd91549cfde59397cf1a15013bb663ccc070629be8a7b1c585fef2e039070c742ac54642f457d1369cd3a521e05251cd7c3a22291928f7b23bdf1fe8573c7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000082

Filesize
50KB

MD5
8fb086785750556f6b3368cb48b2e609

SHA1
49f70acce3c5d9ae25e2279277bbbccc66ee8e43

SHA256
ed5d4a9b93e2327c664e55baf917f3476fe9760c4b31c78566fbe395fc3a344c

SHA512
893293255406f0875f204d0c1ed05f77dd49b0d2b6b2f38cec9598c2d0c0bfdda8a4c286f61ecfd9173824fe2e2ada7ecfedebb79df2e3a1fdde3cfa489214b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000083

Filesize
16KB

MD5
58f71c674137e8bf3a6bb235543f9a25

SHA1
25bb35856195547563a346dc786a5ab8778d451c

SHA256
860b9234e2b53eec4228be7c877bff6086be3f2cdf69b950b77a249f13139afa

SHA512
773865307ab4c93fd55b12f064fea7ac29524dcbd5a2401946e19800bedea2dd4a88c2c982f799f770b910e336491252df7ab582e383d2f5c5862d71901e40ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000085

Filesize
20KB

MD5
b77bf2a81368eceae9c94a4ad7f8e74f

SHA1
5f91f497832826d4b30901e06bc3c6fffc4aafde

SHA256
9099a2593e98847dae8e6845472c612aa63a77fea98abf796655f7d1a5d67726

SHA512
ac6890891d98a882c457e82956e266f6733133e4dae592d089916e24cc700401104f0c06a3e5051c1f8280ef2e68797012158f881a07be3845d6845ccebbd16e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008c

Filesize
19KB

MD5
a5f4f7aefdb337eb6c5967d879485f55

SHA1
b0a3be72d682e1b7a25c61f9fff8425bcbe5019d

SHA256
5e54fbea677774a37c924e76b61e18f2374c0481e6dd5203c225b835bb496df2

SHA512
3c45196e187945579bd16514ece278004739b067aa59d5d939d8e4e7fae3a418cb9f9eddb3209bb285cf49c83f9ba9370e431c0b452571ecfdacfb107a3af676

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000097

Filesize
78KB

MD5
6db5367f80f6902157153048c6a8fcf2

SHA1
01fdb1581e9619a2d9e8f36cee8cb58fa7baeb0d

SHA256
88e0b4ce2f55d91ad1ade9ad8b88b08f5b2194b132b64700ebccf4b3639d2ae2

SHA512
8f9b7a16eb3d5718b8bf9d8c217b0a410d0a95434de2210587d8bf1690441361bc3a546496bbecb37f18a893eff4ddbeb8e7f12e8dcf77f46501a35110d659b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\021513437eae6786_0

Filesize
2KB

MD5
245938655e7f63120c651bd5d6ed3c3b

SHA1
1faed45d1f1bb9aa70866b3f7279e92fa3f4ec01

SHA256
5adda552cf7dd3da07cf72ff000a972a4c060150e45981380bb3c16b849e6183

SHA512
1ce4cd4201ac4b1215ad84d69c097e78665e2411cbcd06eeea72eab11c6437acdb3ca46576a7c66b5b88c3d0d4c9ba8746d25881bff65d3ca2ce4aaf47106929

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0ef075775c69ab20_0

Filesize
265B

MD5
a68eec01210a9f4b7becda905d8864c1

SHA1
f0b6999a8cb7c1317c729f17d9353c63d9713ac0

SHA256
21d661bab0437352c4f931472016a8e68d449840087254ebf8a31c674ef7c7cf

SHA512
f559031ef814a27d2c26a113122958305d2ba2f3979384480430f7eab4527f5f79deb4adcc8ff33b7d027fe524fc9ab8dc09e5e7b9772332f3c8ae920cb5589c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\20e73a112f7c9ec0_0

Filesize
80KB

MD5
b38f82a7e8112ad6fc5fa174c9730e3d

SHA1
525803cddbe2481ec8d05a7c0a11661f27394c2c

SHA256
31c1c0c9d979c1cc2755e1031e7b83fd5f1b10f98a08bf501e6357aa66bc43b1

SHA512
0f9d96b28f9a961b5c6c1644ab7a5d9fe6078cf4d99c7ada9cda090bad0eea3c5862d764b13e8e89b870ca88ff37751905626cd6bef99d441d150960ac4f631c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3b104337942213dd_0

Filesize
4KB

MD5
06de75858492a5e78a069eabd0736a8e

SHA1
358b83716bd2d1082c8ca1825dd6a12437312c39

SHA256
e87cc9776c374ca1b38ef9f379d061f4f6a3be2fa612f0d4ec3e7dffc2fa8e92

SHA512
d9e5980d07c8118450b614a7789ec8a074c0e5be7ec2760368fe31d4293e9061d44e0515fced2556e75bc708e0ad28d837c64a8e2728e90d0ef7adb4fa0227f6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3d3c3fb446694839_0

Filesize
260B

MD5
9b91441dd908c62dbaf125c0063ee2dd

SHA1
85f521d84d148eef8c3661d5a0ab30a4fa2cb276

SHA256
64c99e4f79f4b45913f6c56411535cd848319b0688bc8cc1c7f7a787a6c39e4b

SHA512
36d982a7bb516ec21597ac7d56d8aa7414ec7804ec880540ad109f1a6627dc64ab254b0bca17fada6b2369a007328d4e27e4c5de1c54a8eabee52d7d863ff290

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3d6e1a4601df0a0a_0

Filesize
9KB

MD5
b504e292dcdccafff5720a1dc41e9f92

SHA1
a114273d2583bdae6e4ee9bd3aba7c0071717eba

SHA256
8266e99185d82a45268611065662b8bb3ef8a1c1f8eab15c3576956e8953819f

SHA512
78fc13ada1e4ab9ebe6523d952d034663138542c8ca6e2f74bb6201e3eee5557c0eb7f620d8afdebda31a430c628c570a6aabfe4bcb4ffd57eb5df200d46ca9d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4bf8c526b2aa7b9e_0

Filesize
296B

MD5
271928e8f8e47000a65a1836b5e71b7c

SHA1
7249cf4a2f8e146525436f740d4f49db42289a96

SHA256
14c7d83063bfa6c2ecf12adcf9b9425991029bc486dab4a6569a176f81621571

SHA512
c6d1349f2710bbeb8b710147b2b1565187ea7849b690bbb403eb822db937d22a700c274fb92de7ad1b6c7d4b3b2ebe924479d808c97dcc7caadcad17ed4639d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\50b90cb40a101984_0

Filesize
9KB

MD5
fbe33487a5de97e1ca58d638634a3345

SHA1
bccae0d3423c00465d1c674548c7ab12a636e9ca

SHA256
711729f6cbf9d302d8d7857b95ba0c02cdd361b7f8266ec07a1e6fe617f15744

SHA512
eff2d62a11ce402666ff0d7eeb2f1211df6f74f3206fbbb934a1908c982faeafed8c79116fe7e3c4e6652f3f4c33aaf6873f652b492cafcb6216c7b7f201c6b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\62fafa57b691f10e_0

Filesize
9KB

MD5
5b4ced88be1c0b6609cb5e78f678e953

SHA1
62adc3b4a5449541a2951ad031365f9bbcde33cb

SHA256
5d3c86b05fd51929e5eeff7613f11decf80cc0f04ba9463f9eeac323dac0b830

SHA512
62503a6e6635324c77e85fdf8b3af998b481588b001663fe60f7d489d966028bfb94d1a678403feef6634f5df2bf7cb771dbf8618699ee77f90430acf8db7553

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7498f00a9a9d5c18_0

Filesize
120KB

MD5
6ab551bedd72fe56f07f580f1698df66

SHA1
91b27624e9034ce4545e39c61a9fca796c73b1da

SHA256
e338b1de70fcf5f0486d5c67dc0c030e0b60d5eaf90cd481a1cc992b3d91239f

SHA512
190a11e2c3a7866d2e8c8f4d8023f5c97a6237e68ea15d11c521092393a1aa7d16d1b6ee5059c5dfa91254ad3c96441b4af1f5dc1a58391bdd3d6cf04d3930a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\783ae520453e395e_0

Filesize
251B

MD5
af3758b90c2fd5db326e046aadfd50dc

SHA1
cb393d6fbf5fa4449222325f49e44bca0dce3b75

SHA256
5adebab70636ca87045b186692ee922a86a2db8da415c5d79ded35f2b04789f4

SHA512
0f166118b085bf710e07f5f8b3446ca2660b260184f6182b42c4715e66d8fdc87a46fb6b9fdb014256ff9fc2f14c5b4bffce578c7dabf673208f3d0b187c02ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7988a94528dcc770_0

Filesize
26KB

MD5
f43cb28f569f72d4017b4830df22834f

SHA1
de754939f0076d22caac94a2cc3383e780c92b67

SHA256
f2aab69d90a2ea06be02228fd9a40cabcda274296d86f6caa31cc102da0a9fb5

SHA512
c65728360ee5ac411ce0ff434b5b1f182a2576d39aa57d79f6bb1c5fb36d5c291385d80711fcd7b2d53e0042705ccb9b6f891133eb1308f173d70ebfed931b64

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7f878c7420b45bb8_0

Filesize
45KB

MD5
300ed56eaa26cf71897dbe8e565982d1

SHA1
1dcc200549f04e9e9dc152ad5454a3b98ac9cc43

SHA256
8bab159c23a53ddabf86b1d1806aece8ed05840b596032fa53646aeba7f6a58b

SHA512
89c5cf5039e4bac60ce88e915aa0a01f3f848533e8bae57353c19040681f061ec8e675e89eba73c82c265984929622cdc67a694118720b191403df5ed639d229

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\90109c8a4aa25f0d_0

Filesize
417KB

MD5
cf83f6accc012e0c8fd9b47a5d912cfd

SHA1
f2747e5a2283095e0d1db8e4b89c6ed91492a4e3

SHA256
06c2cf68c628ca9a62e6771b07020b798e426389d0be4bb989decadc205d24a6

SHA512
b8e22bd3bfba800b0e5d726b3327adbbf3384b579a19df51b48c1f6fb7610d9f1e298cdb3173719b214ad16953e8c5fe0ffde260307e026ca9d5916646255441

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\94152247b5718c95_0

Filesize
302KB

MD5
463cba4f22f4aa8b364cbcb4c128bd2a

SHA1
f3f5b7298b0a9bd5aa53b018447d363c0fe01914

SHA256
da1915c2d1fdde98ddbe637fcf90f38277b919ba58ecbfcb37f531828489c673

SHA512
9c5dc9e196c8b56e1c58213599ffb59e4265e03d4b03d2ad6052ff69eaa935ce104457b62279d8b657192ab96d47efe2e327679cc48cb024b29d303cbe0e4ae9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9b573be67059e423_0

Filesize
3KB

MD5
72783233f48cd67137bc1c92ef951681

SHA1
855d3dd6d4880477484858675525bc805cfde72c

SHA256
2ea953a9668519982290920419c649f1a26dcc11328ed9745d26a6880624d0aa

SHA512
06fe87d9af48b1a98b66600e894311ddbd2b0cf034efffbbd33494b13db4277bef991f425fd932787d3df6850e6cc387111816adf1c9a8cd7bb9ce9b6c3848b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9bb38732040023a6_0

Filesize
11KB

MD5
8ec4c03f3fa5e2803d7b53280fb59d16

SHA1
3586ec8dfd5b58ae88840e789d629cc372b4fc86

SHA256
ba82a7311c9ffdbf8a3a021e07da00951846b34237c002b1a2878c544c35fa55

SHA512
3fad4b3dd688b66d43a6043e989bf2adb82254aa7185456baedec92b145e93c3f46b1312ba5ef14598e76cf8181497b44d4302dc532123898cd5ff4fdd3bbff1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a10a720a1bb4ca6a_0

Filesize
294B

MD5
46b4446118880d13ee99ecf6266f5e66

SHA1
a1efa279d69ef8e63abf666097703f3d051721d1

SHA256
d19b25b225184f8e1b98d782117603fc777e0b0768a6e8c547b42e59df645628

SHA512
9c6bdbc57ff3d2bb3a8943c153b5623f4944c79de4ef4a59ee60da22a58d65d790f3a830ead0abf997b4eced961970e5475711252cb8304d95d220453d38b529

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b57c78baf0829aca_0

Filesize
279B

MD5
e8092aeb123e1a832232be90cfb6efd1

SHA1
2879b91e52e7288996fe0c0ff7d35dac8d5575f5

SHA256
467c3d358b7daeafa619e1d851c1c5d6832b5de42f234655b2c2b8a42c78dedd

SHA512
cfaf39751412229feb4ebaee0b7112d10df8d4d62ce8a66722abfbfdc74decba1155c34eea1b8489cee785a6ac7aaea17d954790455cb6703896b92751792021

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b896621301d95362_0

Filesize
2KB

MD5
d087aa9fcfbb3c696c32cfe640a9da7a

SHA1
da7f4d49e105046cfef015bf9e5f0d61c9cd17f7

SHA256
e42612d87b14df6ac5b0f8c19ef3417a1f452759e85642e7ff1e920210ac37bc

SHA512
2501729ddb891f98c2f9b5511a2f7e46bf6c6b146c11e5c457d0f377983332820220ffcbc13fe29eec9facc735c68c780d541eec74483365b1075f2a4c93febe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bd60590a70136c44_0

Filesize
1KB

MD5
58a6cc59c54f6575c5ded0de501a7800

SHA1
62ee41cd115aa9d0fab5803f2e109b643d872828

SHA256
69f125a631f24365ae016a8974ac52e7c375c9229c54417c0abfb5e44696b664

SHA512
8fea1cd30de0b2eb26470375597dcfa47cc12fedda9b80bf0f7747e113777d5335863824b4052429125646ebb43fdf0008c6f83f5b5685893c8c8542b09b6c67

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cd04b79db2c188ef_0

Filesize
91KB

MD5
042989179d0f4a886606e653ff76f401

SHA1
7b296ef3b0d6e9663ff8b29a6b405fbf8e26cffa

SHA256
284f1950164333261498e99d4216aef07db213ed54eb34449ca5038e493c0e55

SHA512
354a3fa188de86f226a84e9061cd57a90a1713f4542aef45aa491f4426e0fbe4a74d139eb8357da60e1aa396115c08e4e5502ad3e9f4fca67ce35bb17d9451f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ce5ebb280532aa96_0

Filesize
110KB

MD5
ee4f0c5b18ceae451e1276c6cb602f9d

SHA1
ea9de61c0af1484bf46540a43efaa54c7c91b242

SHA256
b169389994129b9e96904ca45828326c80374f643259a484a43fc1fae12e6d8d

SHA512
f8fd9b6b1add8ff267bb48aad10dc4da3b11e8be29d4d986abe48b6646564b7828e1711ccff6c62b66efc4fcd4f29e295aceb3927a7a727fc72182e0ec4d79ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d3e06f5af569ce76_0

Filesize
1KB

MD5
a0c1ba3089adedefd76b431bc1c5d32c

SHA1
07a4cfc0fd4fd1521b0ac15391ceff1b67c95db8

SHA256
8ee550f329b9eb360283a903b7351135cca7899af87f84b7091631ebec51115b

SHA512
3947324007e9fea299a09905805011dc8411b24b8a399eab1fe3ad2936fed932f6f158f5845c7eceb3b48f36a8a6856fcd1e31b98647fbebd37ec126519c21f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d5d54e3cb7939bfb_0

Filesize
3KB

MD5
f24345e1e3c20aa0e3092f97cd659f22

SHA1
d6e557d6828cab602f6b14140178fefba2b4d157

SHA256
17e1afdf1a3a13abbe8f0a57bfb39051f3ea60b64fca53d3060b2eb5732581b5

SHA512
cea0cd4c4f5cd3e2c3ec5ca18aec9995c5005e1b4cd4e4bd95d61a95970850cf4ade52063eb63e27b082b71752c37af566103b49f2b0212fe5e9e252160e3abc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f297a55775406b40_0

Filesize
2KB

MD5
224704c0a5abc9c5fa65c578bedd3092

SHA1
486491a33eb05d18f173cee159e51ad2a89a68d0

SHA256
4c46e01b8bdf9dddd5dc59717e5a70eddb404bad8971d39a29f8a0de0e4687fa

SHA512
bbcb8f8b9de35395bb50194a0d165baf6896ffdc474fedfb31a603fb93de28d66b42353e98933b58747d3088ede519fd861824dfabb7d417823ca191267be54b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
3KB

MD5
e80e053d03028d242077e50e1621e671

SHA1
41c6ca386fa292850527c7291e02116003ba2922

SHA256
8570ae318d3a85ab597ab525700c33383b16752432362d2472e10ebadaf0ef9c

SHA512
fe09933816887a48aecdf5a34d1037e9537726a1aa5cf2dcdaa4c03389198ae808f5180331c4027330291e77cc54bda4bc6a6e34e70a948a249887e3d8ef561a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
71b080f6e450d41266fbe845556470c3

SHA1
c606cd6dc664828416ea6af768da4e4a80e7fefd

SHA256
2627fddc5c25df52a4ec20b7c0bab94818b24be45efd529c1f86d10243e54ccc

SHA512
369ffafc30508a3a3eaa4025667c9621508b446d9bc7610480f42604a09f3e3ab26fc9ef58aabd87188e847bf69dfc2ad7f41b4e61d15052cd68e6a004705fbb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
ebe1160bee7e8de1d8c4eabd9253585c

SHA1
cc7279312bbf42aece71cc599507ef97743890a4

SHA256
804a1888450889f3eca53b465d4957af267b25eb82bc660cc780e7cc9f423056

SHA512
08f27ced4981031c77f81402be2995e438b32573f1e1a9f78678d6e93e30b4c2c18e6b3ca6707260e9565bbba4e3f5e7196fd39e8862eb0f746f16dc986d91a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
4d6f5d9ad4c2a661e978b615eef07ed4

SHA1
102bc96a95d2e76f93b79b7c38349d6c4350c72e

SHA256
dd49cc674b31ea9b3173a90bb00d0319c6cadd2a0c3536db6b36b774302c7a6f

SHA512
a0a14ec643dcc561174cdb0f38d293e74c9e0d1e4b6e5a903abdcac34882124ed2a4420a238bee83470868317bc8e076307e96b57115149b85adbec1ad87d7b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
6KB

MD5
8071cc9904cf28d2b5d3a110453aded9

SHA1
b134b8da4cabfe824806f14c6135c7fc606b4985

SHA256
7033f7fe887c05056aa88c9b77091dabad4a268259ea0af925f07fcaea1f70fb

SHA512
6b119e78ad161964eee82104a7c1b738a27315499f8dcec56a033d70079040bb7ab96bf8ef0b9b3f903ef0c02617ea2e2155230b65ef3511abdf12f3ec10d9a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
6KB

MD5
48a5e8fd87e5a43facd48bd25226fbed

SHA1
11cfe6a0522408e42897d73d1bf52741e36b82fd

SHA256
c7ca62cd3fd7232c541fc3fb5ffde8d180cb503539e575f9facaec0d56cdf7f0

SHA512
26da81d86fb1296f44a78bda635c225d22c7801a1fdf5f45fbba79a40f4b243ede22dd52b7bc84abc844609967185c6075cd67733b7c947c00d09c62e57af8ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
2c0e32c83d654cc35c4195dce8a5fbad

SHA1
cf2496956e995f20ffc9e45eff1ef6380760b6a7

SHA256
a950c788393b82b626583c5c55f44373b8bab6bdeec5a3519cc366a946ea01fd

SHA512
0983642bce03ce3bd1793d83699b464b3e79144f383043ffd6793da4a7e7c3679b707c5bb62d82126613b4fbe4e7939003ff63110909984ad1091d332c687fbb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
deb85d40c67a356832c5422e2e63c170

SHA1
d56093bdfb8558e695ed2be0739f30ad9876d0ed

SHA256
d265abe8d0d491ade83a1f02330a63a2878cef9f020aa07baa5b25d36dd044a1

SHA512
3b78472ade179883daba83a1b270bd0b6453ac58b798fb8f4687b87c7defd39ec387f78947637e65f2552f808a6c7db5ed4c340826c401194e95516b5f31c1b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
efce6577c0e3542bc677e9336e89377f

SHA1
03eca6f2252e322c80c20d687d76ceb95413d70c

SHA256
533612b73ed159e2947dc3f48487df27af67431ff11662e139c8ea2b112441ab

SHA512
0fb39fac9b5614f83adc148b0c07e909ee7493fa6883221e55248ed3cb606d6df654a25a0ee5897108d786bb043224435fe76be26844581474a8f2f280a6f3fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
f2a90af4b38af2e104a7d31201c658b0

SHA1
ce2e2c1ef196e24f6d23522eed56b0b55b6943bd

SHA256
8f8d75ccc4a3027ee0e5f5b67a62216fa7e29b2bce926d4fefb57b5becefc864

SHA512
23fbadd0d5611a76ca771a8aa7858903b122bd1cc58e64f0331b0b1d394098d2d1433505dadba1bb014e66c1867f9e252e78820a248d03dbfcd85c7386496f93

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
63cb77957314bd2a941e71e484d45064

SHA1
ba646816abe4029a5506cd785fd3f46b7db6eac7

SHA256
3b1eab5f0609de84ef321905b0e15e52eabf1e62dccbb907215f19c7b098f231

SHA512
47e19b37bd93b2c71d4621c347d2ef7218142250604e91e9e1bf9136ca58deab7a98e7d519dacb2839e4db07aac0c4ebd1a1355a779aeccf6bd9885b191bfb1d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
c39c3f33ebf64f3d23bb5a09aa1d491f

SHA1
ed0a92a0868f7fd35aacefb16aed0f8970b2f7df

SHA256
2e92190dfb5910b0a130b1c9b4ddd13dce01d068d182fc55836264dfba9850e0

SHA512
3cdb1574ec92a97e2d50f67b7b1974f91edb295472a84a034fdd9add53d35122b11a3c2a3f8ae82f17bb28e6fb5a89e3198f2fdd3e464cf7d53b43fc675ebff3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
1bc8d7494e1e0e22324ef6dd9cd5cb78

SHA1
3307ce3a935642850cb7b341d026371147313403

SHA256
dd41a051dbd0d0e5348f0a8b4f854514437df37c9b28c954e73d0006a8644c7a

SHA512
08977f2efd279ab2dbf971a90be1e9cb5b9e5a1a6616d8a9109f9ad1e1806fa030c2800a3f490b372ecc06c35c5193da00780a176ef4d4f57bbeb59a66cbd5b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

Filesize
4KB

MD5
c5516f4156befa3305b943480fa7c998

SHA1
63f48d9d365a4c87286ed1f7487d1997f252346e

SHA256
2f1c694ee671426cca9097db27b29717414c7ad5d43398ff1f1beed752e31f8d

SHA512
288f71a107a2c02db4135ee75dc80708f3563c7b97d8f881c6f8cedb7d2fc6d137b8129ee04dd6a8e9e10b0e01c237408773e93c97b7d8c58f042e88c2c566ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0

Filesize
2KB

MD5
33809ada99cfdf06581408abae3837fe

SHA1
ff12b2652a311b280c782368899737958a94e7a5

SHA256
b8f07b9ff597b1647d2e2bac6c88f4675e747b76988dbfaff48db60d867e7846

SHA512
d3cd957426dad3f0f91ae8bf009b84b64fdaab183d0d223d5477450dd1d7912674c8b126cefec73727b2202b7924a437bec278b865c8c49c2b62066df027781c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1

Filesize
3KB

MD5
75deafd902327fb569aaaef9b66abcdd

SHA1
279398a6dfa5132935648740b0dde0da39215f75

SHA256
8644fc7dec0a20b0fb9607be976b05054cbc47ea9e72cbe95224d316fa5a17df

SHA512
cb331fc1a7063933a98454f9ff5f8fbecfcfa44356950d85c0619cc189e742d8ef4862c9233a41f49668343135ac3f3f36a28fd1d1f505f8b460dccab80c28be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
03403f1fda9969e4eee02d9f822bdb63

SHA1
8a4bf2c70e010bad19be9046d98f205f279aa080

SHA256
821aca1accf48356657f57b44aafb1d7f6ec0b707a45b920a775b82c08d16c8c

SHA512
061f7c22cbbf534f9027e46ed907bc5af7b54aea6bf3f6e28b2e6c61bf400855385535d35603eb2c0d7dfec0edff5d007d83da06b6bafd9f1f3aa8e7b2f9b23c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57bc2c.TMP

Filesize
48B

MD5
a878dde37131ebcdc8f7480a45b36c71

SHA1
1b03e41e9c68c6168d50cc7b9b3f51ded7b654ff

SHA256
106828953f3392c99b4d69d4db8ed90720f42376b02ed0510ec2a365587b56b2

SHA512
82f9f61e5d6831935f29ee3f3524562db2d3719093628c5ce9eff506e5ed33d653606536c61c5f3effcc35c5166ac9b871ef7725cb7e8a8e0865b1a89af3a9c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
6b6f6b3965d74b7e26a79f325ab4ebfa

SHA1
a762b9c430c9a02747cd17c471a951c37b9ec81c

SHA256
0000c59c26f227b7cb9d4674f02c5b13966aa0f99ae8cf7dfed4742a0484e1fe

SHA512
20af62724111ad657a9b9c347fafb4e58d29e7ac6f3c10254b8842062a56cdd9403d76130cbe0562059a8a9f2c06dc90ec9f14b75d5d6387ee44e400783260f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
932e0a7c599d2acb3c836361ac1787e6

SHA1
96de0f4a8394ec1b6c83ef53268f44466c055e93

SHA256
5babfe75df2e33d2d066ecb781beaf899dac14847055c3bf2553c044ed16c66e

SHA512
29802b65a56e871c6d2812c685bc8ad6e9a872432fcee77b9071345a6cbd72d68fd0ea42c0ee22c6af8d5d85c4cc9b2deb43cecb1ca1d291a35014832c8e6743

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
06de9526e34574ca74308d0508661db7

SHA1
0e361a0639a5984e6230702954b20973971245fc

SHA256
2b551ffb2fc0bb120107766db29e732eab5149cc2cae30f1c5f4cbd8e41c4b49

SHA512
3595b3af6a3d657a46e0fd5072cf32a9cdfedc8fb5a0588a8d44816ca48cfa2da127dff9036de642d65bece49c811a007ee1f48135aa7a8808474d183bb2a6db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
e3cee93dc82b4400e6817fa945415d13

SHA1
43f534e79f221fdcc875d82f77f882cde3f46206

SHA256
6e210060da457c4abb967f28450bda672e7fb1038a67664cc308780d1590e2e6

SHA512
fd0e8154525d17e6309924a732a86a9178c17170b4ceea575d0bf7dfc84fc1cbfbba69d3087e337e6fad087f10b8d8832e9b94a14d6d737ce4468f7c97834808

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
bfafa3323062930a6f64369f6cc83ae1

SHA1
59cf3a9d428fe7a582dde503e11b2630ab94c8e1

SHA256
43450e8fc76072c25ab4e1c120960e13ce79d07ca46731edacf3a9d5d44df967

SHA512
87b0aa7d28d0a7122d8fbd7247cd93c46a649be3378a0553c163fcd54abd6b4549e01f811c3ef5438f4cbbe2a39b360b5706edad98afb67cb4d6b76a995052f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
11eedc3504aac20a9aec41cc8c695b3e

SHA1
fbc008b308900e390b89b404c16615030083a5a8

SHA256
24b884e689164a6700ba97ddfea977020945dd2d27b5f291d6e91630d5204991

SHA512
05b601902353444c4c559da9ec23506dab2440febf6c28fa3d232028fced3be65191ae418be41f88653f546fca8fa2e78a90e0921390d475785eb6c78c9a3bf9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
95f16d6569cf514a3d822b98bb710e0d

SHA1
adbf9771ef914849c8ed17f8ef8d09e83cb177c0

SHA256
6e1cec75eda3052caa172cff86cc769415c06d0f6e16885a7f5bd4e43383ea97

SHA512
5acd80ea620d970512f78d5f27efe122fe704826f8cac10281bc343b377d9cfdf40f8968e8c773ca68e460111abd366a7835b8261d3cf0857982ff7dacb00ffb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
0d022eb211fe293479d0e3849e9f88df

SHA1
90dbff75d10d4c967cc63d480a03b5ecc05aed35

SHA256
7e944c94d75e72e590c0e59fdadad193c499e7a0499fc206100d0bb644896a5d

SHA512
c8f75622ce1fc8790a287e4813f757c44d0ceeb9d189a13adce1419b0ba5b4b9ddca56737cb1c670bae3cf44059dce02df3410fa9cbba5a364031a408c2f05cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
e1e900eaeb3446a8b1ad918df5600b54

SHA1
c61d542c56f42d7c6fb1d0e6d29f92bc9c2780cc

SHA256
8a345488861019524920c1105aadc2487e271c417d4e0d98e9fdef7374481449

SHA512
16063a57fdbf8d24cf9d0f32bbe4bd5f2e12632c53ddc0cbacd7b3f58ad34bd48264739a3c1ff0c0fe947b6c76f903d21957c5edf0a194523dd2162218ee7546

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
6daeba93a7496214a0ee4030d68d4422

SHA1
4924355ca5acf5cff85b9ef37242e29152c76368

SHA256
2fc21251cf482288ade0a0cd7e0fdcfebed260b6bae29c81b0833b48b1267c51

SHA512
78bb30fe349abbf8449543adc555c80b7d426fb1a354fde6a95440a26a80a131f566a1963d2ed79dfa8a40a86d5425ef19e1b480d61ac0e52f8c1b4f0141cc25

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
2e52fc5becf130963c933144e54a30d3

SHA1
5ba33d024ee25c34eb6219adb669ba2afbd1d6c8

SHA256
d84ab1d1fad336a87e55461a8d3a468f0b4d219682574bdb5c71b950fc470129

SHA512
7ef8db904e08fb36838b855e1c512f393a40ebe1011c24b1cbb48bff03820e4c0b0752f78ad8d5ba16227f41443439a8490c689f41a9ee5251f9b1ea698740ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe578c71.TMP

Filesize
1KB

MD5
ca6afb40075a1acd5c7cf75392289869

SHA1
f4aeb2254c24ffa7732077c6543bd6fd581407e1

SHA256
1b8b9c806a60d94bd93cd0ff9408c3e5af5059d83c78ea71e9cc9665b2ed3c16

SHA512
08316e7569eccd46567db09e07a13fbb19047dd642674ddb0bfa1bb19c2ef9c5a2b177e4905a6c9f23fa75e2bebce7df8aa6e815ae55cca3bb742a8ea31dc1ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
315bc593444ad789186814d945be9dc2

SHA1
8410147120a844c77fcc4ecbfbe1cd504abc44bf

SHA256
dacff7fa287c9603cd8d06c6ee0ea18eae7262aed2bbf8073626315f6dcc656a

SHA512
d2b3d9dc6517b964b709100ad9d9d77934ae73398d71bcfbf3224b74d706614d904c66b2745437614b61fe265ec38413b76d8e5eec4ba139ef1912a20da169f3

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit