Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

5

cryptolaemus

windows10-2004-x64

3

cryptolaemus

windows11-21h2-x64

3

Analysis

  • max time kernel
    146s
  • max time network
    151s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240221-en
  • resource tags

    arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    06/04/2024, 09:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c90fcfaea45454e362cf7a2ea15bfcfcb07b5d72c071d4d91df15074d4504812.exe

  • Size

    896KB

  • MD5

    251a5804ab3c76141af9eabedc7a3bda

  • SHA1

    0488f7620451549ad14ef9ad4a162f7d73209816

  • SHA256

    c90fcfaea45454e362cf7a2ea15bfcfcb07b5d72c071d4d91df15074d4504812

  • SHA512

    f234b335417fbe1d8169030691dba282f2b898ef4945788eed603b5e1d705f17edd5ee3f6988d1e3d8fdc42ca4a39041a59e1d82976d5f800e048daf8d8244d1

  • SSDEEP

    12288:lqDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgagTR:lqDEvCTbMWu7rQYlBQcBiT6rprG8a4R

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 16 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs
  • Suspicious use of FindShellTrayWindow 28 IoCs
  • Suspicious use of SendNotifyMessage 15 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c90fcfaea45454e362cf7a2ea15bfcfcb07b5d72c071d4d91df15074d4504812.exe
    "C:\Users\Admin\AppData\Local\Temp\c90fcfaea45454e362cf7a2ea15bfcfcb07b5d72c071d4d91df15074d4504812.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4948
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/account
      2⤵
      • Enumerates system info in registry
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
      PID:3724
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffcabcd3cb8,0x7ffcabcd3cc8,0x7ffcabcd3cd8
        3⤵
          PID:2464
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1856,16861826767481188703,2459579672266682418,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1836 /prefetch:2
          3⤵
            PID:3324
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1856,16861826767481188703,2459579672266682418,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3
            3⤵
            • Suspicious behavior: EnumeratesProcesses
            PID:2432
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1856,16861826767481188703,2459579672266682418,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2636 /prefetch:8
            3⤵
              PID:1500
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,16861826767481188703,2459579672266682418,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3176 /prefetch:1
              3⤵
                PID:2172
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,16861826767481188703,2459579672266682418,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3184 /prefetch:1
                3⤵
                  PID:1412
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,16861826767481188703,2459579672266682418,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3752 /prefetch:1
                  3⤵
                    PID:3856
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,16861826767481188703,2459579672266682418,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4020 /prefetch:1
                    3⤵
                      PID:4236
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,16861826767481188703,2459579672266682418,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4768 /prefetch:1
                      3⤵
                        PID:2956
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,16861826767481188703,2459579672266682418,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1
                        3⤵
                          PID:1664
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1856,16861826767481188703,2459579672266682418,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5584 /prefetch:8
                          3⤵
                          • Suspicious behavior: EnumeratesProcesses
                          PID:1472
                        • C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1856,16861826767481188703,2459579672266682418,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6068 /prefetch:8
                          3⤵
                          • Suspicious behavior: EnumeratesProcesses
                          PID:4568
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,16861826767481188703,2459579672266682418,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1
                          3⤵
                            PID:1568
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,16861826767481188703,2459579672266682418,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
                            3⤵
                              PID:3588
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,16861826767481188703,2459579672266682418,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5256 /prefetch:1
                              3⤵
                                PID:2840
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,16861826767481188703,2459579672266682418,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1
                                3⤵
                                  PID:2172
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1856,16861826767481188703,2459579672266682418,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6116 /prefetch:2
                                  3⤵
                                  • Suspicious behavior: EnumeratesProcesses
                                  PID:4540
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video
                                2⤵
                                • Suspicious use of WriteProcessMemory
                                PID:2012
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0xfc,0x100,0x104,0x80,0x108,0x7ffcabcd3cb8,0x7ffcabcd3cc8,0x7ffcabcd3cd8
                                  3⤵
                                    PID:2528
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1712,13199224450376134439,7752415289636621233,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1772 /prefetch:2
                                    3⤵
                                      PID:4432
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1712,13199224450376134439,7752415289636621233,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2012 /prefetch:3
                                      3⤵
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:3092
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
                                    2⤵
                                    • Suspicious use of WriteProcessMemory
                                    PID:3812
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffcabcd3cb8,0x7ffcabcd3cc8,0x7ffcabcd3cd8
                                      3⤵
                                        PID:4900
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2000,2309159737120360960,10284271005755961309,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 /prefetch:3
                                        3⤵
                                        • Suspicious behavior: EnumeratesProcesses
                                        PID:4996
                                  • C:\Windows\System32\CompPkgSrv.exe
                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                    1⤵
                                      PID:3328
                                    • C:\Windows\System32\CompPkgSrv.exe
                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                      1⤵
                                        PID:4396

                                      Network

                                      MITRE ATT&CK Enterprise v15

                                      Replay Monitor

                                      Loading Replay Monitor...

                                      Downloads

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                        Filesize

                                        152B

                                        MD5

                                        0e10a8550dceecf34b33a98b85d5fa0b

                                        SHA1

                                        357ed761cbff74e7f3f75cd15074b4f7f3bcdce0

                                        SHA256

                                        5694744f7e6c49068383af6569df880eed386f56062933708c8716f4221cac61

                                        SHA512

                                        fe6815e41c7643ddb7755cc542d478814f47acea5339df0b5265d9969d02c59ece6fc61150c6c75de3f4f59b052bc2a4f58a14caa3675daeb67955b4dc416d3a

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                        Filesize

                                        152B

                                        MD5

                                        3b1e59e67b947d63336fe9c8a1a5cebc

                                        SHA1

                                        5dc7146555c05d8eb1c9680b1b5c98537dd19b91

                                        SHA256

                                        7fccd8c81f41a2684315ad9c86ef0861ecf1f2bf5d13050f760f52aef9b4a263

                                        SHA512

                                        2d9b8f574f7f669c109f7e0d9714b84798e07966341a0200baac01ed5939b611c7ff75bf1978fe06e37e813df277b092ba68051fae9ba997fd529962e2e5d7b0

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                        Filesize

                                        960B

                                        MD5

                                        b8369ab42bbd2a1d697be8899b6a51e8

                                        SHA1

                                        6f2abaaca5d1bfb9cb8412b347af25a1c03e57c6

                                        SHA256

                                        34c7e6e76bff3f6f485394d2f150e5c4e04f00711f52ae4e76735262e762fbbc

                                        SHA512

                                        f54b4fdf031d463e20725864421f4b4cea541baaf2174a812b6d45d09867ee166feca4bcc8290316e3c8784a78ec968497d13c9a689db99d398d4a9f59ccd93d

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                        Filesize

                                        2KB

                                        MD5

                                        3555244ab1d8040d26f487981f139774

                                        SHA1

                                        fc98bba0dbff4665399449a0c4f979993026e013

                                        SHA256

                                        eed11606a401228ede180e123158b6c34b5a9ebda52d460c02923611dc92b949

                                        SHA512

                                        aeebcd4db329e7f656e663704c88c549fb1e6025a71f67b2bb4b95436fe7537887df6acced032991ad373272f8041dc782f569452321ae0b471bfb9dfe9b61d0

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                        Filesize

                                        5KB

                                        MD5

                                        b4e50cac37f07e2e8f9439054a70e684

                                        SHA1

                                        98d4bf18b4013d14d1076a5fb17fb03b2b6e73ce

                                        SHA256

                                        bbafbd4a89cfb0cacca45e451e100c764f5d35e3100d5d5b7896e2dba2fa2c1a

                                        SHA512

                                        13edb5c48d1169b66abd32eea39589cd6e562d23b61e7a4e81da152346390d873ae2658b055144a5d33bbc386229ff385f4fe66095e8d04895a3f44df4e16de5

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                        Filesize

                                        7KB

                                        MD5

                                        5a73f24228218e821677c338bd323ea0

                                        SHA1

                                        4c3c6fae7b294d7a00f8b8a5cbd2630b7e05003b

                                        SHA256

                                        9a9cab35b5620018b1c9e0a15d0d69e6528766623b6e91b100ebaee8db75823f

                                        SHA512

                                        d2f94dcc4ea18b6813c667f7147eee3e198529270a3c6329cb7578454fa9189a094c59ea0638dbf6f22720d1866ff04c903550fc95826707d16bd9c645594cad

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                        Filesize

                                        703B

                                        MD5

                                        59a60dc0ab76fc80424783e10f0cb442

                                        SHA1

                                        4be242312389ea62d2e380da5633096d704f8326

                                        SHA256

                                        d8b78c4672824198dc6522f7feee9b09f9b64cf6acdcf943157ff264a928205b

                                        SHA512

                                        1fc44206981421945d4804d057f6c37890c73b9123304ffc644bd73733084c7f3eecaf20c176e5f6c5d002161c68575f08db0f5d5d59161a29a885f4c8aa3d9d

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                        Filesize

                                        703B

                                        MD5

                                        5a92633ad161a2a81ff6f976e58bf0c9

                                        SHA1

                                        19eb6a92a99cc6e85056460b9fa16d42f1e6a483

                                        SHA256

                                        366fe2d3e32da673dfe169fb70687b8812644bd765f39fc71992516eb7347292

                                        SHA512

                                        13169d970adb08c9c13949fc301ae51cf92c96b780aea1d89bfc0c109f83d94145a45544751e838ddbb236280291b4975eb11e10767e98fc708521c5a5c117bb

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                        Filesize

                                        703B

                                        MD5

                                        8c94d6a0c74ce9eea726f7c7826eea4e

                                        SHA1

                                        38b75853ac151acb3cbcd93ff0e52ea95af1a9c4

                                        SHA256

                                        03210235fe7ce32781195ceb1fd01f09a4ef16e33af7d864055211f88573ba5f

                                        SHA512

                                        dd0c44ad84022ff282703d3e1599182f0a01a6c859ad6f936c6b43083125917b2f3f7d22040495429ea77037257b376a1b5ce889d5801ccb9702ce0facf71d0b

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                        Filesize

                                        703B

                                        MD5

                                        653e27fe135a27836b8f4eec13fe56ee

                                        SHA1

                                        f71fdd3b36e984a20d4ce13b44be9f38a11a5e31

                                        SHA256

                                        bcc58b7daab459404ee21045ee2adb877756a28bff40f83a2e4cff89045696a6

                                        SHA512

                                        599f099c46b327d82d08c3300ae67043636069b77784fc72d278b852534e59c1ee041abb7d945b5c54dfec48dcb21e2afcb522c71e87afdbb132ffea60e34073

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                        Filesize

                                        703B

                                        MD5

                                        990362f882b301386aa3da65d464a948

                                        SHA1

                                        7924228c475134ab7976bf0c202810e4175828c2

                                        SHA256

                                        77eb83c5cbe580d6bd8a2d0de7fea0c9baff59b3a049629a5f8369cbc74e5467

                                        SHA512

                                        95294488f92a61d231e76d2841086c06328e729107eb67840e2a52539fce5cf89e4d02eadddf22caed3d590be22290dd908d2f2f4338810939c5fe44b7837147

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57cd14.TMP
                                        Filesize

                                        703B

                                        MD5

                                        e0998eeb25e9b5e7af19f529d78a88f5

                                        SHA1

                                        9e8f82701a8d5dc8b8a77a5f468393647a21fad9

                                        SHA256

                                        a00c5a2951ba42aec72f1a671bff5a0309e9e6a585066dd97f5031f79ef7f659

                                        SHA512

                                        886b6bed6895613ae2c2c669ae1dc4dbaac4246590f53e39e4a5b8da7d8c0bfd6d4cab4a923736a0ea9db85fff3a7d96af5aafd0e6f393d7ca99d8da06f527cc

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                        Filesize

                                        16B

                                        MD5

                                        6752a1d65b201c13b62ea44016eb221f

                                        SHA1

                                        58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                        SHA256

                                        0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                        SHA512

                                        9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                        Filesize

                                        11KB

                                        MD5

                                        193a1e1cebe8b711f319e58554cf674e

                                        SHA1

                                        9ace75cea03966db4245b4ff7af2f4eda1cb3152

                                        SHA256

                                        212e2a45847a670f87edc039d94b2ff86063fbfee85399d27bd7f7022569277a

                                        SHA512

                                        3a1b0ae40d142d78e257e0cc2314626071167665135c85ec039b7f139754f3e0531de298c0d1e5acf6f6a39ad5b8949ea67bbcc4ed8bd9d949356420aed0c37e

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                        Filesize

                                        8KB

                                        MD5

                                        27b604959b6e2508fa89609f47bab8a9

                                        SHA1

                                        10a15b53db7ea4d429e2634c83272fc5195febf0

                                        SHA256

                                        742b6ee9afcf2d0557d74e226c1fbe7ac2b9d285e80d1d0541da505d580bac17

                                        SHA512

                                        9714b3562b78d7f38121175daed08e56628ea77e184287045aba311eb863efff817c8a45dbae16beecb7cae61c2c49656232dbf7c557c92bbec08c2247713010

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                        Filesize

                                        8KB

                                        MD5

                                        9de022d7afa9d1df720c76061dc84168

                                        SHA1

                                        1d31fa28f92cfc5db119bec6601b251003123ef4

                                        SHA256

                                        505a3a07a432c052f4cb05d3cce6e6ad5282998cc02220b524f8d11775c94fba

                                        SHA512

                                        dd6be35d9555dd5320de37356935f2b12f88be0b8a8cdf6734746c4f492f035cb77a48cac5e5158a4750914555bc9dbe678be1e700bdd48aed4711ab891300f4

                                        Download Submit