hxxps://www[.]commscope[.]com/product-type/splitters-combiners-multiplexers/optical-passives/optical-splitters/

Analysis

max time kernel
206s
max time network
212s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
05/04/2024, 19:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.commscope.com/product-type/splitters-combiners-multiplexers/optical-passives/optical-splitters/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1984	msedge.exe
1984	msedge.exe
408	msedge.exe
408	msedge.exe
3416	identity_helper.exe
3416	identity_helper.exe
5544	msedge.exe
5544	msedge.exe
5544	msedge.exe
5544	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe
408	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 408 wrote to memory of 5024	408	msedge.exe	86
PID 408 wrote to memory of 5024	408	msedge.exe	86
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 2984	408	msedge.exe	87
PID 408 wrote to memory of 1984	408	msedge.exe	88
PID 408 wrote to memory of 1984	408	msedge.exe	88
PID 408 wrote to memory of 2428	408	msedge.exe	89
PID 408 wrote to memory of 2428	408	msedge.exe	89
PID 408 wrote to memory of 2428	408	msedge.exe	89
PID 408 wrote to memory of 2428	408	msedge.exe	89
PID 408 wrote to memory of 2428	408	msedge.exe	89
PID 408 wrote to memory of 2428	408	msedge.exe	89
PID 408 wrote to memory of 2428	408	msedge.exe	89
PID 408 wrote to memory of 2428	408	msedge.exe	89
PID 408 wrote to memory of 2428	408	msedge.exe	89
PID 408 wrote to memory of 2428	408	msedge.exe	89
PID 408 wrote to memory of 2428	408	msedge.exe	89
PID 408 wrote to memory of 2428	408	msedge.exe	89
PID 408 wrote to memory of 2428	408	msedge.exe	89
PID 408 wrote to memory of 2428	408	msedge.exe	89
PID 408 wrote to memory of 2428	408	msedge.exe	89
PID 408 wrote to memory of 2428	408	msedge.exe	89
PID 408 wrote to memory of 2428	408	msedge.exe	89
PID 408 wrote to memory of 2428	408	msedge.exe	89
PID 408 wrote to memory of 2428	408	msedge.exe	89
PID 408 wrote to memory of 2428	408	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.commscope.com/product-type/splitters-combiners-multiplexers/optical-passives/optical-splitters/
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8c8fb46f8,0x7ff8c8fb4708,0x7ff8c8fb4718
  2⤵
  PID:5024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2020,16984748242497022134,974017353267969890,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2036 /prefetch:2
  2⤵
  PID:2984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2020,16984748242497022134,974017353267969890,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2520 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2020,16984748242497022134,974017353267969890,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2696 /prefetch:8
  2⤵
  PID:2428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16984748242497022134,974017353267969890,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:2892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16984748242497022134,974017353267969890,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
  2⤵
  PID:3776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16984748242497022134,974017353267969890,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5096 /prefetch:1
  2⤵
  PID:2128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16984748242497022134,974017353267969890,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5228 /prefetch:1
  2⤵
  PID:4552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16984748242497022134,974017353267969890,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
  2⤵
  PID:4828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16984748242497022134,974017353267969890,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5464 /prefetch:1
  2⤵
  PID:2700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16984748242497022134,974017353267969890,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6296 /prefetch:1
  2⤵
  PID:4636
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2020,16984748242497022134,974017353267969890,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5020 /prefetch:8
  2⤵
  PID:3496
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2020,16984748242497022134,974017353267969890,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5020 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16984748242497022134,974017353267969890,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6504 /prefetch:1
  2⤵
  PID:1112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16984748242497022134,974017353267969890,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6464 /prefetch:1
  2⤵
  PID:4656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16984748242497022134,974017353267969890,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5836 /prefetch:1
  2⤵
  PID:1204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16984748242497022134,974017353267969890,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6444 /prefetch:1
  2⤵
  PID:3160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2020,16984748242497022134,974017353267969890,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5460 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5544

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1460

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2580

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7c6136bc98a5aedca2ea3004e9fbe67d

SHA1
74318d997f4c9c351eef86d040bc9b085ce1ad4f

SHA256
50c3bd40caf7e9a82496a710f58804aa3536b44d57e2ee5e2af028cbebc6c2f2

SHA512
2d2fb839321c56e4cb80562e9a1daa4baf48924d635729dc5504a26462796919906f0097dd1fc7fd053394c0eea13c25219dec54ffe6e9abb6e8cb9afa66bada

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
5c6aef82e50d05ffc0cf52a6c6d69c91

SHA1
c203efe5b45b0630fee7bd364fe7d63b769e2351

SHA256
d9068cf3d04d62a9fb1cdd4c3cf7c263920159171d1b84cb49eff7cf4ed5bc32

SHA512
77ad48936e8c3ee107a121e0b2d1216723407f76872e85c36413237ca1c47b8c40038b8a6349b072bbcc6a29e27ddda77cf686fa97569f4d86531e6b2ac485ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\25b9bb88-4a0d-478f-acc6-f2721426862f.tmp

Filesize
3KB

MD5
7ba1ca56b06610d919f9002949eb652d

SHA1
86d92481e412a38998ead47ee1dbdd9650c4debd

SHA256
ed63071922d2e12918186c8b001e002dc640b3aad36645c0e058f1758c737b0c

SHA512
7102095a3a562c304011c29993c7765711c175b30a1405fc5b1d890ed0db84e4e32eba73bfad935e1c31dad6afb0b3ccc0dcd5be3c7089f579c63e6401c08c35

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
984B

MD5
bf655fcc3c076dff19b21bf6e800bc7c

SHA1
09aea54ba7bd4b0fac7b9d66e684fac19db81034

SHA256
d5486a426cf63d5d3b95b7a2bafdd1e9c8097f255a7e8eb49694bf01a2ca5667

SHA512
5410b7e176a713400ed8b1506463f3284a41816451fbf65ec2a5af614c6466a041f38d09d8475925341fbdbd7f3c4a1a4c2c8719d7a249ab18eb534bc00a7174

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_lpcdn.lpsnmedia.net_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
26b68f5f9efe38a91ee54f11d84dde74

SHA1
bbdd9230dc9e70451dcc14a27e26770acef82cdc

SHA256
d9442df30540870ff01fbce044cf7efa06ef897e01aea796322d42677d23ed91

SHA512
1abb4eb551dd73a3e6876723572e08879fac65b174b4abd30cc15ae972225a57e2ad5fa08f11361197f7a609461b703ce89592a2672ac6fd28b66ec47b1fc6d3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
e27c0828861dfa3f5bd40d890fe9728c

SHA1
4026d20255284ec2499af5751da5021a672dceb5

SHA256
cee38fa904d5c6979eb0eba03285efb69f81b1f0e50a3f113c16d0403e45a271

SHA512
eac4bfe7bda332199525f4c7c7866254961420bf0ce2d1b0a4404f819ac05e59bafb27365fc9e289880419f4a84461f1d1d9a964b2dc3e0b1a25f18e1916ca5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
54e7dee2a101a8630fea4a36a005c462

SHA1
9e2257f0640de85daeed14779e25c8bf96383d89

SHA256
8943a813ec71efade31896028707422d10e2d392270de44617be8373ea5e5037

SHA512
2b839d1b5682720ea03f1c088f8029aa3b0fcc26ccc83af06d1c17c40f5de9664ef449058b68aabc2184471f41ed3057369e409b801ea4f838012c5dfc8ca38d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
868408275bd065d36f0071c8675ad980

SHA1
6884cf221b11b8202eefe948a14bafd63b0bcc20

SHA256
048dfdbfe8ddccb523c7c11c4df888598c57a5c52e09927d108aaab49a5b8331

SHA512
b7695ea73f9f6c3da23f4f9504821ff246f26c9de239a3df68a504b65896ab341a64184e2dff67e4a930e41a0f39c727a6f28c359b2c59641123da0333f2302e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
42f2b4d4ec40861311ca4e4af506c18d

SHA1
9e97d5f55db9b4bc35eda87cc844af0849ac8a7a

SHA256
395891b478af1b9f575bacf2022a323c563fd3d99594ee93d2bb928ad198348a

SHA512
9df4eeb6cc973942c0a0a9992b59cf2beb062c30568018c3e855e7aff6e51abb363dde317904ed84d213ab8306af266949b1b375b331d58702df8385b9d11b9c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
cbbc64326c17bd2da7f9cb9e970d3bde

SHA1
bd0a7a484759b25be55f9221ad37bbc49d353200

SHA256
d98e9fed6adb89eaeb4eab723a25f9db39586a5036569c70a47b19b866de0bd9

SHA512
35a9353dca8bc5af12765d1bbe18185e4df07a870440a0dc40608c8e28de29815a016f1dce18d7c7f646c30eb068a18266ff5cbe528e5c6c295ebc342a54994b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
3324ea13fdb4b89a85a7bfa8b21f66f8

SHA1
1df5c355019ef9bca09a7b26423ff9df1a03da69

SHA256
16d456cc4f5d7a04870e01a588635dbdf86994ea6ac7a09abde223e2e2797e16

SHA512
b0ec47bb760a8d1ffdabe5640e4b97df51b19dad307eedcbff881ecfe68a6962654c076bf3e4036a810fc0e0ee3d00e6326fbdd5b20dadfcba56bcd254fd1689

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
4c5c0ad3b60811912bb06552ba1b08da

SHA1
6acf7ea87570a4683febdd7dfe8fe1c9d0925658

SHA256
66908816f70e9a6b99bfc991dc9c65698b0d56ce2da0563a6d71e76991a53921

SHA512
c50ac56557e1d5947331cbce76cadcb06b6d4b1e327a88906ee586e2eaad420cba13a3f253112f6c4b16b078f013348e46ddd9e8e6a527fdf222a00f6f809dfd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
be69bb5a24564c727c134c95cef42215

SHA1
c8f8e4e77bd6f128d1b9a412a0779415126819e4

SHA256
1d9c32d6abdf57108cc1087b715b1febba00a9fdaed2381277d7a80b850dcbba

SHA512
8600a6b61975cc587d8d047de60699f25a253d307f081f68c68a16bf7e5594f682437a38f276a6abd8d29f72a57f3c3ed57eddc7187cc767382bc95c9ba23095

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
365748d8d49a81ef6fc9502924201374

SHA1
13f403443db6a54bfa5ffbd53d042afe76a3fc9e

SHA256
ee1037547fed751fbf125e624ba020548005bd7fafbc5d3682ad415e5aec53bb

SHA512
e82dee2fa98cf67d13bd188be13add7a6983d75426dfc0f2218c1a8ac5c2ce709f4dbd5ee2bbee72de796236607a0910b12182f74222bd9a4fe4cac55107b1de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
0f4e8ded21b8fed9c5965cc7c63a1966

SHA1
b7e98c3ae3a01897cdd1a6ddea2c72266fc19664

SHA256
42e4e99ced9ae1f6c1caea0d36f9ce2661c53ad80041f13d35c48b1466607090

SHA512
80ed3bef6ceae1b0bd0b55dc3011df482e26d8641e4930bb25f29446cf27e1a229a82d8a81f220ff851b51af44c4099d5ac416aaa9291ffd8f4d37f17e128090

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
b426ceb1ce31f47143ceea4864a8f335

SHA1
8f8b5880415810da7b0ff89287a048e4aa269973

SHA256
eb22ea4d9afc1869efe20514e8596d8deea4a471b132c8dcbd01abc5a74daafd

SHA512
f728e68f154ddbe97143ed20d806608cb4096ce4cc0e6274c28d3935497087e4c3d0b5cea214c7b814c2c99495103350429085a246831ba55d6b38bb4fc9d744

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
2825eaa60266d65e50f94f5dbecebf30

SHA1
0231ae4310123a785e5cea0004fb31f830be4221

SHA256
c8d28e48483c53dda474e7d63ac139324503b0ad4ce601779f326593c8b02e04

SHA512
b4d780209f6c790362a66930a500af740a6392230ba90883b92723f173520a6560a6b17ab5d945b25009cc15bb5c74e3e8b762b5625b507dd1a039b693af7dbc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
16e5c1f786a46f07a19c4858c85c9932

SHA1
7cde1d19660bf686db3195410200e08583e89d1e

SHA256
0e77bc64e71e354062004c2e3957d90d533e19267a137ee8facdbb4dc988d36b

SHA512
4e45c4c488044883b8ba53a752016a3c494b61d61cb457c39bfa5d88c95e3663317e33aa5016d9ae454e8ef8eeb897a5ba2bccf73cec2dc3582959a4f8a053ff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
f5a0b1353295e67dad808528e014de1f

SHA1
b28be5321e388e64c30adeb63077d63943e761d3

SHA256
3549083a45e4a2ffe99886cd7895e9cedbc0986c0890d22619c5ab69956e0ac2

SHA512
1711fc4fee6dc7a51193600a79716996337de8cd89c46d0e803e020dd80d3e6456d9cddfb18b08011b872755314c296cb25cb107a01a4f4a91e5674f212d7dc2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
8d9f55d72317b5d6741fd7b92baae3d7

SHA1
f6326993f96960d1fee1a02581024f349641b510

SHA256
f57d63dc653bf430124b4a3f5124979f4ccc7ea2bf40958f16af4cea15943f3b

SHA512
5caea947c1103c29726f14a0306712056eabf2ec82b13d1ff3d19553edf77d50242ba0c2689ece6d42b0ad703da87db9fc5625fe5a0f27b2cf0d2dd142b0a62b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
5dd45f4c8207073f409fb41d005a0951

SHA1
313407c3e5c3902cec0d9089283fa481ab3ed55e

SHA256
4bd32f834b4ca29803446573f8c18f1d05eafe1f539118fbadfcab5d16f3af19

SHA512
a5e75089f446b8c1a5802a2a9ff33c83403eb1b42af27fc33c9d05de30967e75ebb095f5ddd4f15b6205321a3227d0d8fe435deb68b5b2e4768db23616f64646

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
b0100cc734ae6fefc32f6565f72c3ed9

SHA1
afd59c86e22fe86087abb9348c20d6d41f8da171

SHA256
591a891c231c1767272fbc6ed00c44c6e1a0190e140e79e081f4a171ce651cc7

SHA512
b5d9d415d1b2c2a89167602c18a65514e4236ca67530f21112ffdbbc1d0eb16bcc7c79c0239aa1c9494c3431d9f053ad6d82065d48ff4e53ae7cb3d1cabf0020

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
126319737a69ae66a947b27aefaba6d2

SHA1
d43686f8fbd8839cc93cb74eaae8de87c79506f3

SHA256
6b5cdd902ad16b1d44de245136d44eba443142b415ca4697ca8456c03a7b6cdf

SHA512
b663548006f653f9f5ff9f1dcee7893ea72362864f669353d4abbe2ee16929d7369af09b8d57c5c865bd4db1efe16ae8bd6a6c7f1e05d1a885a1cd95a3d81c62

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
8f9af2ced472470329f21c3d5e424a7e

SHA1
dc02784dc17161b20b9070187d4fefed2cffaabb

SHA256
9822c5b34efc4899969ea0a0e8ddced98b7036eb9bd5147b5dfb0261a82ef344

SHA512
2e268cc11931e151f51b8252b0f2956e100339693252bbf450358ec3a9275295f7f0dbce7c92137bc4b5ffe0eb1bcd7d19a17ae084dc2af624ee81ed1067ee5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57dc85.TMP

Filesize
3KB

MD5
71ef45a9f22c5c5f9a4e7f9fa001b9fb

SHA1
7c4dbbf27eb99b71fa58fcb9bea3c653a97f1e99

SHA256
d31bb3dfbdbacacfd86923d76e8960a31da4d826a17982301304b06fd1a09790

SHA512
65e75376f4fb06b4708442aaf83bd49171743e234cc8e424009650176b388f2a86004ecf8439bfb4153b816f38145d6105caf9fc0aff44647a85ca0cefe4cd70

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
f5ebade8c99a956670b6290a0a0fc544

SHA1
0ca30eb91917bf4df3ee6a2a3e740379df8082ed

SHA256
cef3f9ae5046b0b801a5b1ba78f70a701408a1e597d29e8ee9dd717545046e07

SHA512
3177d56c5c499ef1e03fe25a89b6d4e3f321142d840be95795ac0766372fa814cac77b7497257b13beae9a014f9b2768daa52d9d93cb6ea55a61a76461d3625d

Download Submit