hxxps://atopgames[.]com/kinitopet-free-download/

Analysis

max time kernel
611s
max time network
615s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
10/04/2024, 14:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://atopgames.com/kinitopet-free-download/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-609813121-2907144057-1731107329-1000\{005221A1-722A-4C87-88C1-02A75F23B4FF}	msedge.exe

Suspicious behavior: EnumeratesProcesses 13 IoCs

pid	Process
4500	msedge.exe
4500	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3520	identity_helper.exe
3520	identity_helper.exe
5624	msedge.exe
5624	msedge.exe
5624	msedge.exe
5624	msedge.exe
1304	msedge.exe
1304	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 23 IoCs

pid	Process
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	6076	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	6076	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 52 IoCs

pid	Process
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe

Suspicious use of SendNotifyMessage 48 IoCs

pid	Process
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe
3436	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3436 wrote to memory of 2736	3436	msedge.exe	87
PID 3436 wrote to memory of 2736	3436	msedge.exe	87
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 112	3436	msedge.exe	89
PID 3436 wrote to memory of 4500	3436	msedge.exe	90
PID 3436 wrote to memory of 4500	3436	msedge.exe	90
PID 3436 wrote to memory of 2384	3436	msedge.exe	91
PID 3436 wrote to memory of 2384	3436	msedge.exe	91
PID 3436 wrote to memory of 2384	3436	msedge.exe	91
PID 3436 wrote to memory of 2384	3436	msedge.exe	91
PID 3436 wrote to memory of 2384	3436	msedge.exe	91
PID 3436 wrote to memory of 2384	3436	msedge.exe	91
PID 3436 wrote to memory of 2384	3436	msedge.exe	91
PID 3436 wrote to memory of 2384	3436	msedge.exe	91
PID 3436 wrote to memory of 2384	3436	msedge.exe	91
PID 3436 wrote to memory of 2384	3436	msedge.exe	91
PID 3436 wrote to memory of 2384	3436	msedge.exe	91
PID 3436 wrote to memory of 2384	3436	msedge.exe	91
PID 3436 wrote to memory of 2384	3436	msedge.exe	91
PID 3436 wrote to memory of 2384	3436	msedge.exe	91
PID 3436 wrote to memory of 2384	3436	msedge.exe	91
PID 3436 wrote to memory of 2384	3436	msedge.exe	91
PID 3436 wrote to memory of 2384	3436	msedge.exe	91
PID 3436 wrote to memory of 2384	3436	msedge.exe	91
PID 3436 wrote to memory of 2384	3436	msedge.exe	91
PID 3436 wrote to memory of 2384	3436	msedge.exe	91

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://atopgames.com/kinitopet-free-download/
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa481146f8,0x7ffa48114708,0x7ffa48114718
  2⤵
  PID:2736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
  2⤵
  PID:112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2688 /prefetch:8
  2⤵
  PID:2384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3636 /prefetch:1
  2⤵
  PID:3552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3648 /prefetch:1
  2⤵
  PID:1596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4296 /prefetch:1
  2⤵
  PID:1828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:1
  2⤵
  PID:1408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4576 /prefetch:1
  2⤵
  PID:3244
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3768 /prefetch:8
  2⤵
  PID:2848
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3768 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4532 /prefetch:1
  2⤵
  PID:4820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3800 /prefetch:1
  2⤵
  PID:3556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4084 /prefetch:1
  2⤵
  PID:3636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4344 /prefetch:1
  2⤵
  PID:3420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1
  2⤵
  PID:2992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4368 /prefetch:1
  2⤵
  PID:1956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4588 /prefetch:1
  2⤵
  PID:1276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
  2⤵
  PID:3460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5912 /prefetch:1
  2⤵
  PID:5548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5936 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6688 /prefetch:8
  2⤵
  PID:6124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6032 /prefetch:1
  2⤵
  PID:1628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=1812 /prefetch:8
  2⤵
  PID:4400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6948 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:1304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2672 /prefetch:1
  2⤵
  PID:3016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
  2⤵
  PID:3616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5900 /prefetch:1
  2⤵
  PID:5292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4388 /prefetch:1
  2⤵
  PID:5096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7088 /prefetch:1
  2⤵
  PID:3896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:1
  2⤵
  PID:5356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2904 /prefetch:1
  2⤵
  PID:5960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,10456635476515918819,6635620757089709371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7316 /prefetch:1
  2⤵
  PID:4432

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x104,0x108,0x10c,0x7c,0x110,0x7ffa481146f8,0x7ffa48114708,0x7ffa48114718
1⤵
PID:1736

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3428

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4328

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x528 0x524
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:6076

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
36bb45cb1262fcfcab1e3e7960784eaa

SHA1
ab0e15841b027632c9e1b0a47d3dec42162fc637

SHA256
7c6b0de6f9b4c3ca1f5d6af23c3380f849825af00b58420b76c72b62cfae44ae

SHA512
02c54c919f8cf3fc28f5f965fe1755955636d7d89b5f0504a02fcd9d94de8c50e046c7c2d6cf349fabde03b0fbbcc61df6e9968f2af237106bf7edd697e07456

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1e3dc6a82a2cb341f7c9feeaf53f466f

SHA1
915decb72e1f86e14114f14ac9bfd9ba198fdfce

SHA256
a56135007f4dadf6606bc237cb75ff5ff77326ba093dff30d6881ce9a04a114c

SHA512
0a5223e8cecce77613b1c02535c79b3795e5ad89fc0a934e9795e488712e02b527413109ad1f94bbd4eb35dd07b86dd6e9f4b57d4d7c8a0a57ec3f7f76c7890a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\5fc6dc24-f163-4011-8fe1-5e600c41caeb.tmp

Filesize
3KB

MD5
e303fd5759a3853cdd86d526d170760f

SHA1
fc8a1e9a5a7651dc82b7f1e6a508a6d10c10e131

SHA256
b0079659c8bbc36a28357c4487eaf8722c2a816686b9369e9330a717dd77ca90

SHA512
3bf356e6d718ebe9525519bc582c45d0bc41c1e2147135042b5fb48e1769cbda9a806487753307a77794d82eeb5a0c5fd0e0237749d10c999fd978c8c115b26f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

Filesize
27KB

MD5
d6f862353c2433098d82725f90a0e280

SHA1
55ab2e7e58fd35c99aec7fb52849d866eaefc438

SHA256
719a5b617534fb3a811c51a999f943911439fb43225e3a38a79dfb9c0ffbac38

SHA512
0de7c8478de4d63e2d49e834c5ddc7e6190dfa851b46914f32adc392c1b9e22e6222c01950738985b44612b65a8cdfa6ddd99e77c49e1d6b9257c63af974b178

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

Filesize
63KB

MD5
c28f6aab96639e2611786fbcbdc7be02

SHA1
d090fdcc664a9bff9fa522aea098a3cafd5905dc

SHA256
58ff4cc77308448218785c38382e9f68cb6187b9ef3b49dc3efcfd72379f6985

SHA512
1b219857e1c99a7fc049c7f144e2e78991eca1e6b3b9222b67f19ee8c0078c8b29ef7514c744d6a15c3f871176100b8c4f01a3814332f5cf37c286d2e0a7aeb4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

Filesize
75KB

MD5
1b837e2827fcbe7f6e75e7925d0f3bdd

SHA1
ad458f887dfe346a66fc2c9617a1703384d8e713

SHA256
7e4ee3eac3d561907d53514096ba807e3ca101ca402acd02b02c38ce441ac3d7

SHA512
215fe68dbc349a221a1d7be6d3fc323932fe990d443d2862cbb6098381b9dba122e4e9a0c040d881d2e8997ac409fd50e7eaaa09d91ab1baca9e4f62f91b2edf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

Filesize
29KB

MD5
cf776b128a74f76a26e70ddd68b46b61

SHA1
24c15fb603cd4028483a5efb1aecb5a78b004a97

SHA256
346cbe6774bf3bf9f3a5aacf287f859103045b0dcd4a32839b00be9f391259fc

SHA512
20751f34d1a3a63e580581d36902928c7780dde70fafa75b87e406965f2dde501b9821cd45c824584d1ece21566eb5fa501d1effdfafff0b2e27ec806bce8f32

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

Filesize
31KB

MD5
7f8a4f124f314e0f1a6d26a2ad2606f9

SHA1
b10bfb19db2d40eb4ac17735c385493e7dd04c48

SHA256
7bb5dd5ba2a9a34556880c1a064625644803bc44e86914e0185ba6004e917676

SHA512
217479bdba2eff0c329faba1f3c90cb287a716d50c1270617231efd40fc554ff9867875582222dbe0120d0f0325730fa4e43ba76683faea1cb8868e10e0f13f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

Filesize
27KB

MD5
8446a95099e3e2e335b21606b863aa4a

SHA1
0df1c21a5b7078765d1360dc548d08526f16ee71

SHA256
04a11a647216ccde123dafd6a551a96647b06c176b4430f0e9a7eed3e2927b08

SHA512
2245fc5d0a5338b974322c2b95c08bf73e41e9171ce75aff4d4cb62892051115be98c7840f37611cefcc991c60fc1c349650be0ed3fe96a99c6e1b75c88f8ec2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000043

Filesize
28KB

MD5
b7817ccc0dc6c755ed771a1c425ad41e

SHA1
4354e29995ccc3f75252c95469a1c3ebfb952742

SHA256
f893634d883c3501acbf18fcd74961df4a04d288381a7a8e7bd276ed736e3919

SHA512
2cfc66a4fdf3d49fbb4bad255986b55dc63bcf8f19e0bbdb25a02c9cab08319a4a81e1128ed29a5302800b6fdf1bcd75cde2ed3a0acb029fdaf9c4a1dd3e36a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005d

Filesize
93KB

MD5
d9850d66c19385ddcda1097e2217f90f

SHA1
e515cb816f1f7a07a91dedaec0368bcd44e705bf

SHA256
945e57b55c6ac5ac4511786d123f400bf7b78720d9b66d28488bff937c362435

SHA512
b0043a493146ccad9a53a6164595350212ba27aea1faebbc740092b51f90f7dbaa77c501aa7f5821bff739690c2f68ccd1e5785b63fed937bdb1a233c58a8a89

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005e

Filesize
27KB

MD5
ac501c997fc80c06e4fc262fd5cfc247

SHA1
7dbf4d75ebed48eef777d98543704b7428556777

SHA256
1e2f5c7c8ab2fac7d64099e92842d4cf2eefe395c10c57979a26de6812d24a57

SHA512
26d309d15a182a48c74378580d64e6426e2dd9afa7cdb5c73721e341a454a4e8d95b813a662a393de3f4ff0c5dae51c88e1a32abc6b5b699a3feb75465249e94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000067

Filesize
16KB

MD5
48c80c7c28b5b00a8b4ff94a22b72fe3

SHA1
d57303c2ad2fd5cedc5cb20f264a6965a7819cee

SHA256
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356

SHA512
c7381e462c72900fdbb82b5c365080efa009287273eb5109ef25c8d0a5df33dd07664fd1aed6eb0d132fa6a3cb6a3ff6b784bffeeca9a2313b1e6eb6e32ab658

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000069

Filesize
29KB

MD5
f85e85276ba5f87111add53684ec3fcb

SHA1
ecaf9aa3c5dd50eca0b83f1fb9effad801336441

SHA256
4b0beec41cb9785652a4a3172a4badbdaa200b5e0b17a7bcc81af25afd9b2432

SHA512
1915a2d4218ee2dbb73c490b1acac722a35f7864b7d488a791c96a16889cd86eee965174b59498295b3491a9783facce5660d719133e9c5fb3b96df47dde7a53

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006e

Filesize
27KB

MD5
35eaf6ee531465286602cf3f7c870f8a

SHA1
c786174e07fd13dad5aa74b3adaf0ab8469802d8

SHA256
0d3cf68fa9bc47408b94312153f0a68c55aaf66fe1e524cc27722441dbeabe49

SHA512
aef253010dd4667b801dd05ad5f574598c4321db32549a08bf26fd1d23a601d78d47afe739507ad7532bc0ab967596b122392996d950cd33ea7cf4c9c8ee3b6d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006f

Filesize
131KB

MD5
f1c3d596e95d16bd2e81f8c29854416b

SHA1
086acf601ea8c274a5aecbd326d3b86439852b9d

SHA256
22729ed65cde41d887ac1a841600386aa154bac2edb06cc829e2ab6be9ee87b4

SHA512
f7d8d76d10e96e3b05f435999b7902e5aafb27c41527b0f9c7efda3890dbbd7583e7e2c1e52be907ed12a67729a4dda1edf9887ce35adf3e8087c5cb54953639

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000070

Filesize
17KB

MD5
4573dcf4c5f7b6ea70487981e3675720

SHA1
1deaccb643f7e7975bcaba58f5f16b008aaa0340

SHA256
45081722aa01be1ddf3fb1cf045fb6ff36537ae25c3ee0418ed93533aa0a82e1

SHA512
11e71fafcb034fbbfd8aa72c1c69a656c6967da82abb00c69f4f3a105c5768bede499e589592cffce3917f73f49ee771bb8161424b97ee930c94e9995b920b6d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007e

Filesize
104KB

MD5
7c1ec0a3dcdc629f8f7e41293fe24590

SHA1
776066c56ce477a215c5f20fee611cee1b7fed98

SHA256
43a0e13dc533f544eca697054f0db6d122767c6858c1e515074c95f3775dac0c

SHA512
e233f354faf15dacaa92461f870f43b338721989d81f7e140d26e55c98ec7e698fe032a5d0e2a87a4b04a2201e8b632db9e36fb6e3da066a938ba8adc8e6b420

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
680797e0b8f66d17dc31c282a2f27ac2

SHA1
2b4ac7c29ea76f077366f1ef03d495d8835bb9c5

SHA256
1c4aeb2c11f6fdb0e44b54c7b4b0b7c89cdd6e34d5f67615173e07c781d37a61

SHA512
d9b70ce391c0ed8480a4f6a6b2b91bfab15b48f1d98e43b954dd948aa01edd880dbdd90b3062d1d35f20046dfa2d218713c6f9572429fdc442b4997ee409ec1a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
188e12855cf6593ade6b534530b0e3c0

SHA1
b09e7795d7162ea55e9d9040f4bf0a791f2c8f2e

SHA256
324bff5f31bb1007a6f80d952239c41ed8ca8a67a797e48511bf8a697745ea70

SHA512
69adb7cc386e9bbf6f40bae40be9159c5a9145b5a34637aba2e02f2dc1adda42ce129019939d69313cda1e756089e5da3f2d11c8ba722ed0c4d1b7619fbfd677

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
9cb0797a3d73163d5ee9eacb8339bb56

SHA1
e60452f2618582fadeea1714c7afd2b360b2c7f9

SHA256
88c97f1cae20399966a318605100eef79978a9a7b81102ec40abff3cd0860ad7

SHA512
5940b9a2d4818f9699e0a7f61884a85240692ed4f5e22230e9d302e4d1641e6108bfbc295370ded8d0104706a7749279972cbff83f1a48f8ce02f67d2bf2e4d7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
38bbd49b6f77c0fe7e12095fa67cba4a

SHA1
3adbcac51a7b5e75e074e6811f1b39cd4b54e798

SHA256
bcae9210da6d867f83feabd574eabb44645c6a670ceb74c66042c34621475acc

SHA512
04a8d728b62a957d05efb6918bcf3b417534dd92b8f2e84b1da27d6f4d0f1886fa7e3872ed1c58e75e997a0e4b86b06db73aa77717892ac131e8745afa5fb8cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
d2bba35791a035fe33e84f32b55dcc85

SHA1
fa3337d656511c44636a102f68ce6ea4ec1fd735

SHA256
beff2bee4d3b960b83a65bb906f6d060922d91d48251863458ea8a6f2e306acb

SHA512
95041fcfe2eef0552855792f2cdd3035bb9754d478a8a70bac5145222fc702d5186c56e92b2e347a91c9714459a31516e0200f06dcdb53656fde00a83b6f6015

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
b9abe6bef482d6586dc69c31b45ffbc0

SHA1
4c38aedf17a5a1860410e9554faef1e359b64370

SHA256
cd03b30e2d062818956e51fc834b712520c6f613242286bea06f922071ad70f8

SHA512
e2c3d73d3b42dc2bd39651be8e4746e9345408ef027a660f0e5a11c965cad5f75fe52e9498a0058b0b668a47aa5b4369074e0de1c7a3adc0f238b70a3a2cb926

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
c2659655dda8fe2aa85340478ca228f1

SHA1
617444ff4a8ce18a99d10fc65d1a4f5d51ea18b8

SHA256
2f26eb3a361025a2198c17297c5ae61d8107f86363f5406e5fcca79158dce94d

SHA512
d3a1148a7ba000d30e216ed5dbf4865618f3ea40f75a8b8bf901783a0e145c0e53674a29b92bad35d749f242c26c60bda0c97b636da7ee30f4ef831f782c31e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
26697343d4f1aecf303068b345a828fd

SHA1
1ee88a173450fcff31fb1809a94d58c5fc68feef

SHA256
36e9e9e256c220c01b4271050dbbb99cf92ba36b7b0fee1aa536664e8461387a

SHA512
97ec26ebe7e6a873855c336bbb186aa0be6332a2202856ed8a08551994513c2c29f465c8255e3701819f2a3bededc9c7116cba6d5cec22bdef36cf411f1db39f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
133795d2086e517ea8299e3a2c4222f4

SHA1
a3a43ce272940637a2f0307f805f60416ea7ee9b

SHA256
f8cad8e65ee2aa68ba308deb678eefa8e191856529d619ec45c3dccd1d565fef

SHA512
c649c3520f9a6d7e7979480b12b09952da477053bfecbcdbd957ffd8ec9ae8ef8a6eccab66868704b5754723e6448dcf8f59245e9dff4fd7cdb009d09f9e0bfd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
5f592fe522f0a358587ba7f274c62660

SHA1
9e793a2c59bbe5a944aab84ba43991eebbab6baf

SHA256
29e006c766af4bb4d6c4555e43d157b8ae2f2e606d07a46aabf77adde640bb30

SHA512
27916dbf98d1aaffbc3b411f032de29653d04a9af3cebcbd3686bfdd9d1e9f15d1bcb269937815622c8944696119f0747a193083a1fdda8238340572989a8fa8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
0da1219be35be89e7e661a8f7b938cf8

SHA1
ec4f768bf1dde1ecaac301541d083c20cd9fc81f

SHA256
bb7032d2b789bf89bd9214b8ce0ae937cd6da9facdbe243cc64bb556743cf695

SHA512
c7426569c3886b71c6799468385836b8f09c8815fe33b1f40865e2c8b7fc0194afc2c063d5121beabf71ff0775d07862af2e1aaed7e903298760191e0f5cbe2c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
1e070430bba6b1c6669183b796a92af3

SHA1
d48f70144db98435c3e3a6e69f5c42c7eebe1130

SHA256
94b8b6075f95d95d318f5b60a78421935e675571c3219e159ee26ea25983fdde

SHA512
7db8f6d764ea15fce876c8c8d40d2d24e79b8b5e70529464060220ec9ce87632ca2ddd1a974ee9fd765826b999a52576c57a99c858c4e3c227f1035846a0aced

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
e5a40a97bcc86c0e7405b373eefc760c

SHA1
da3b9caf231eed9eede695c52d1fdb3f76ba88f5

SHA256
97f13566ac468e55102ac77bf21daf547d469f28f71c2d789cde3e2ab6af13b2

SHA512
d1d29c3ebe2367064bbcd17b18f5942531b335a65b7e48a3e557b48b3e19f73ae62dc66f4525576bf59355868bf6b5a0a6759c5b133fc2cd9e882119f246d300

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
799eee67eecce94daf9a40525e551664

SHA1
ade62cd453f62527bf67bf230cb4156ab29f5efe

SHA256
9aee30d78cede4fe4eeb3be900c2d4876d54c6be5dac3e0d64b4f2ad3da5ed3f

SHA512
173435191163f8847ab1523c077324ea79633686f7814b7451819099d8b63c5fcc89e41522af4405a5f7165b5cee773fc688f45b106f31774e42150b0eb2f37a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
d4455ef86d5cb8c82155570152c9cdb2

SHA1
ff39e4fc0079571069c1d34fe70d7ca6a00f396d

SHA256
d9c542c361234443e87ffa2331c405323594e51df08f4280cf5c930386433312

SHA512
3021fb66e7ac0b31c4880f0b8b914c844bd12d18bd4c3c87e7a85481092f8d98bb260a89c3712459f2881925d2d049bdd488bedf3aa7ed6f835597313225616c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8d8beda3ee30ea08113d7c92abb93d42

SHA1
60caee2978cacce39a04a87c19ab9e67e89dcabd

SHA256
2ea4edd99edc52e3ca8f785349e3177d5b687ef34c4dc631cd1df09c3eed4518

SHA512
cd4288d811e7f4fa4ada7c0275a51b9e32e6056f7a37e7e594811a80e4466d2fa62a8f3bfc66a3c21f242c9023b933eb1af11f5b9a93bc8ea5f16bd8be33a066

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
fb376fb4578f11b6452e4ae9abbe31e1

SHA1
b609b6aca07d77c86ac3479a44ae2f42f42c976e

SHA256
676d329d7c0c3916caac2f21e15077e6c3c5bb562626071f2ca1f55c3dcf5b3a

SHA512
0d22778d5bfaa72f368488590139678f6e230e6bf9fe3c20d302143c9a6d93d11ce9dfdefd72f0d250098244a89b8ec7d7e4cfb5000d5c084f7590a32825f21a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
36e4084104ddc1284fd71228f898e1e9

SHA1
fae962efe69f015c6f739dd42a1d053fddca5c99

SHA256
150ef5b54cbd17676c30af9f11b8064bfbd208e59e170a0dbdfd119e7f716201

SHA512
73bf6273d002ce6dafde56056a7cc1635b3f08016799bb0a64f45500bdb07e73374a9cf348c284913a511894d3de3e8868f8b43750317ebea3e692b00b4690db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
e8e863775976d505473609e6f8a86772

SHA1
ff9ee71432cd9fb029b2545a8d3a703e2d80a35d

SHA256
d0bbb69b67ea14efa0aef25bc53a6a601d1f4f8a0073bb4456aae573350ece8b

SHA512
06241806f8c33e5e355be0114b88a28ca22d2be488ec314a160e097296f7bafb1c1047c0544bef39b3b2ce976e5869582e4e56657b6342045ffd5cef77ee3faf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
eb0e1b51c707c1d704d0a0271a6b3383

SHA1
a34dfad275b2298193161667ee7f47e9b81f8cb4

SHA256
2487a06732e584b02c403deba78ad22657a8876f335639c0edb8507755d4d395

SHA512
0ae0d9159dd3a126eecda3c2c77cc7ceb2a6016a9c57ed5cb371728288f779f14c56644a71c13c4a972b7ec66ee7824fde6baea877655846731ff1ba7c88969c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
edc09ed5c64ea967676c1f42c22d09b0

SHA1
b7e72156c074e8d5efbe7ea40ce45059ac8ec9b5

SHA256
ff0045e932c2e286e6dde978494c3d557a780ec5b0334373af13f11a727057ea

SHA512
3f34d26a37d8e72362d21bcff8df853babc4ca76d1cc85b0a930719c6102d03724f7612ca540d4728e0f20c82d18125730bc247744a9e9f0eb410fe5da77ccb1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
c929a5da354f77cf0ab67f9feaaa7c08

SHA1
6320666d6ffc8bc9a8ab88bc51d63626cc60bc10

SHA256
9575244b7c55a4a0276a0b53b76c0bd6667989761625fe32bc55e94901331168

SHA512
a88b5d261228380a104fd70e0b9a5b9e327b7602e77dc3ec39b188dfe5cf2f82157bbbc8cfeb779608b61493ea2bd3301485371f4360414d6197ab516aa263e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
e04171994ca80cc630df676103320462

SHA1
dbc92023e6ce0d606deeb2375e9f97da57f13936

SHA256
b73b06e3a10db4606c33026891a7274cd3308887dad45653d808658240c8b48e

SHA512
f7bb4fcc070bbc458bf70d87e5df978571ab8ad7d58e2505c01e0c67c9180eafb58e62e6114225eb782d2ad6bf282a7ed9dd2b8cf7f8a5d67bfd2d052fe637a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
d0e2d6c5ebd8b74e759c6e1df99073ec

SHA1
ae722f3cb393d26ab1a5f2b2031410958bc421bb

SHA256
776c6fadf15652fdf2a8f35020ece02543c6c511e26fcb21201632c69d20cad9

SHA512
d9815f71364968c919fd5e0a6efebb7c03d5d816f266d9e70db35d911974a9d6776b19c840bfcdda0f11a60efe6455ed90edc01450a24a99d4e19c6d40d5dac9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
b7b59a9d0440c22c4eee9ca5bf3f0d46

SHA1
671d05d8ff0251d3cda1f1299f13ffb6d440aafb

SHA256
29291a1ec2530861efc1b92a66a1c20675719e14e687d74574a0ecbfb15598bc

SHA512
6d2ce9edfde22b670005673417703cec63052073598eaefe70c5356aba067dc4468ec2c1a1a4004b35e8dee7a5cf360e9a0d6fdbf49787ac0c09f1a78b0276f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
561b358e12bf00f584662597c492da24

SHA1
bce7c5a8651762ea59c1fc30fc1eace7e34788aa

SHA256
7dbc3667fdc774c822f7140e797ca0708487fbfb7972e7ec742a66d1a33bad87

SHA512
3293ae31802b7e1216f7164a577e321d6198c7e04303ffaca78705c6872018f7413859cc5209abe5823fc4e60043d3b1fef34ffc986f7f3d7492025cb936f3f9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
f82e2c4dbab47b25b78b72fee0c2b9e8

SHA1
a251932babc2646684ebe29df81fe7aa05e07ba9

SHA256
0ed3dc10ba3018d755efacac2fe7ce8c8bb446ddf5663bb09184a61acbe62381

SHA512
4ff39cc9edf262aeafd81de59de6421aa1507006a6cc6271ebed55745a3e061935260690983990cccb9b4187e06c8287ca3d5271042520eab4698741ab2b377e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
48B

MD5
b86c023131f0b2a7a16362e8fcf8eb50

SHA1
fc6d711a2f0da7857def8d5f423f4e4d1431b229

SHA256
776b43ba63c8450e475e486dcaef0a0fe4bc6280a378d8defa93a037fa21d09b

SHA512
52fb5c1ce4c2c93454a4ad4d3de18cf6f5417b22077d3af101da1c8add49c3413959f17f644b1a520c44ce8644d0125abf1daf45977afe99eb3b50b4b253b96a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
a6fb4818594ec901c7a45ae1e24c095e

SHA1
c144eeab3e50360654dee8e90af1c1e0b2738152

SHA256
48a27056cd6e3c1e71adcd15da98924b72bbbb953f348f124c85e559466ed679

SHA512
fd7763020b82c875fe20590fb02bf64bfdd4691e97fd83c01b98983cddb6a58ae374ddaa384dce135d026ad9829dfc540c3938f779b9e761ab73f126198f76c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
bc391db8dfa91cb943951b7672e18521

SHA1
273841fb5768c059f3a5c994846fa3b7a839b689

SHA256
d3e36de2613943455d7e56607c1215b35e107f6fefbb0ed1067958bbc408714a

SHA512
2dec4c3a758ced1ba7802e19406aa6f4e7de65e66465a2ade53f86a95b438ed4beb1f3b50a88214284a732e4fc0874546e6bad558842ec6a2e2c737e4e486a51

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
d969ac8be8af4fd9dbb7261113c053c2

SHA1
801f3acceb78591fa702a286a86b3005a1355273

SHA256
e1dca2ca4c3566b1b45fea853b1540ea20638637fc835c33202655f17b7c7ff2

SHA512
68682f4d66f557542674b3f9698c3f15368ff0cfb5bd85bbe68f3eb69951c79909d6a19ae37a5a394b3cbff4da1acf26f3312b0e508e6e4fc57a77a6c4d92fa6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe59ecb8.TMP

Filesize
48B

MD5
b7fcbc5fbe3f2c8a6f66b7e0ac5307c5

SHA1
426b8634342123fde1d6f583cebc1f6b36a57347

SHA256
cd4cf1f7772b518e16bf3d4a7a8f753cb4727eea8ec108b9355352850d419192

SHA512
f3426b94827adbdd6bfc8dc8316a96ed02d707d44e03221b7c3f9d95fae51eb80f96d74bd54999eb27bb78f916137a30f9e8bc0ae6f0947036afdd078ab362a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
132cabac676cd3b1fd5f71a6c009a3b8

SHA1
61a0b6bf74ba321c6eda0b530ac251c606a084c5

SHA256
5e8c16319a2d57db9f1229173fe92a399181e6e1b1b34313f79eb62d7ec0a66c

SHA512
edb7cd9f8bb1418f1d734e3df9ec7bcdaec6bad38de4541342f28d049f5fa9c9da8a571415a69df47ac349ee94d88bcc1b5ad618ed4b459bb3f0e43fdd748676

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
1c862f02d4e0e4661ae4de41906df5a6

SHA1
7bef15fdc8e8678cbd168fc2ab7fe713532984c9

SHA256
2edf8f00bf43d9bc1e4883d210e26db1b2e6c028f58ec86f9a393bedc96b52a5

SHA512
c67adc9e141988a740e6ad0e23cbcc18de3272781fded31ae2e6ac8e66c334def7fb7af03def471cfafb477ea2248b048cdbe83c9dc489505259ef8b96832612

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
a903b89dc6ef96fe5abd6c275948a032

SHA1
7d27e277f58550196466f8c09d46c2b575421333

SHA256
3b377b9522e55d4753f3a72aa1b6c2113c397fa66111b29519ac191cfb0e67cb

SHA512
77d2e64a495d271bc54b9ba84f9107f2652eff43b877becbd6e4596a5b8a9ac90ddae543c88220db7edca57bf1c4511f462e590fbade24b9557b2cfaa0e53092

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
4740b0486f97fc97ee5181fbbc68995e

SHA1
b4c0190f0235ffc68815d5e62c291e293b0bf959

SHA256
930f2163e8be58da6eaa180deb3f3eda4259e47d7544c8fb77433bdaa7fa77c5

SHA512
9078d52b6625c2fac4a7557dee32357832d660568c79f7f30bb8409cc92a1922448921a248ecd443ba6f858db9a078c838167a69665180d05ac28894b52d3c70

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
872B

MD5
bf3a4e402e46479e2670c585ebde06c3

SHA1
13667ffc3071960ba003135ae1c84f6c1e630a53

SHA256
031efa24f962379585c6ec01f6e855f9c5af89e0405bcbb52c717827cc0ddce6

SHA512
d5edbaec1a49c91f0e222fd4c19d33c5d3e99239258dcfef7a6fe3c74def89fcb91b44c2bfa1bfe6985509027403ca773a6925bace458373d1f4ddcdb2f16e91

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
fdafa0fc26e49e62a5bcede38a84d76f

SHA1
cd15e77b2205df180cf4f261f1192738a2c05577

SHA256
fe131a15ab2efe79cee655918dded506e9afadd26a871176a9cc12b0a31a65c1

SHA512
8c6ab836cda3921bb127141045147081fe0cdfe82cbd6fc15df707d0453ff8b43e797ffff38397a5559bdcfdcdaa86d20375ac3bc7eb643e51ef04ef0ef6dce4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
46abeed81b07ba62b00fe8924f537984

SHA1
128034ace75911ed73c4e71405b150bdb1902a4b

SHA256
270bebf8fa4fbb10a16b792c455aebdaf3191fbaec197f323cd9e98716b97156

SHA512
ec6e40111c1319cff9b9825ce2bd00794e130be9d97db1a39f2fd2bce9d8d8f54de3362048d9181f184405738a1bf7111016f1ff171438f0fa45332698e4b1f9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
ffcfc3d033a8a6517e4abc83f1031b4d

SHA1
29072d0435b79cf8ae2772ce821100c6497319b7

SHA256
127e49cab6bb96892d589cb425bd9d3c80ecc5c0750684a530eac502eb1d8b00

SHA512
62a2b688c6f967f945027dfb6929e33a9e04654548d4ac3c4f6ee003c307fa84e190fddad41e639533d472546e9cc96b0439228650115f310b5bd6e93c0acf08

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
dad5166163272ab623526315247ff03f

SHA1
862b8b9cd9260e8c9ca0629105df22609e061952

SHA256
51b698ad0b39094462419197f91969a8a2f7f125b25e673a364764a5ba755a8d

SHA512
02fb6d62f8b463d28ed9d70ae3e420068a3bb9bceaa180713572a87282fc26c2e3fab26ec4ac6a681c94299be425114247515ebaa156936c4cee4108294ec049

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
09f493be9f5465f2a86f1c3b0b9d3118

SHA1
216821ae0230ffbf15477bbfbcdfb6dd8e023264

SHA256
97c549b6dc65c1ac82d78d75213e48e404342e9af90fa4bba66d913db989ac61

SHA512
5fb21800283bf4a854234260af2e0131c21dc7a68f6157c30f43732de8f39011b10041365d35f037b708a62163904f01886b6cb4b901ebe72947e5264177d257

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
5af22216dea3cdf8b1ec37daf3393f61

SHA1
a401f3d345ad8c2009a43e387097f62ab9fbf0bc

SHA256
f9a4ca3d72365fc400cbd84c6c124885cf6c87c8c989428c925766886da77dda

SHA512
db953734fc9f561f26a96a8973914180f7150147e425ba297dd5ed2ecff124baeb9130a2e0b5e3b802fef6903194f1c95f0c1273ec2bf679914dcec19b4fd5a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
1d197474afd296fcc729458b8d4a1704

SHA1
a1efb5c3593fb60b895b2a9e9aec9c5264096757

SHA256
0215470765ee68a376dead948d59c06de43030f4215d4a4585affbb8a9e99f2f

SHA512
69d8abadb9fa63bf7fadd5663e573ed6aec076b14d7630fcec45065225e5602f624724060d7db3bce0d300c13e9d8c0c43ae1d92afabed365f3cbbf7d774d437

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
5e103a9b9d74aaadc43290e1acf69865

SHA1
ef93e6633604c9371e31b98a2932269be8ec4491

SHA256
13dfcfc8e0e112f75d04f49fc8b2dcfe4be8460d668fe2e937f2a99765ccf543

SHA512
45a6b4598d10bc98142186b80e1f236273ef0674fdc6acc7b2e0aece2834552b157094b612f3c3f1ed5bc4202751017cd0190f71e647c6d4fb91d9e02d8ccfd1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
8e4c29d4f99d0a0faff8510e24919e0f

SHA1
ceb40fde58f3009998722b2fc606f746d807a010

SHA256
9ea4b7ec09349d65863f432513bf1dd17c97423b07385ae2d3a05042f8ff76c2

SHA512
29145408307d55ddf987e9268da10474ebef67386fbf0fd25dcdf3e4769f21e7400d14dd980a90c3b849d98ea15fb507e57cf67cc8408ef3b8378dc330fd7349

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
444e928827b37ab7f94948137f9dc897

SHA1
5b683acbf9422b97c524df50839064bb7bdeb4a7

SHA256
e328e1eeca73381f2e92c1e30fbe8e24580c7a98ba3200cf268cfd7277549cf0

SHA512
293491a40b14803ead0f9a4a17fb7d786e6115e3ee508b9e99842862fba6e57a6048415b66237fc5cf18f4f4070f5afb8a7bf4354265ba9749a27008b647e45e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
4392959e27918030f4f5a95def5917c0

SHA1
c90d4112dcedc275e7318c117d2cbb07f5d33814

SHA256
21214658d705fd45883fb603db7e68fd5031483fde83c6a50166f234a5091517

SHA512
1fd01ea13c33908ffd176309024c233f3b995e0ce599ac354e51de9d4958bfa82886fe907351f3a69e186fe97861a2968c3bd4bb8c4343c81c021d2da1ffc490

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
99f6df93c6ae5d6b6a8dbb68f92b1127

SHA1
85ada09c519eebd1149810cd9e946f1ddabc5cea

SHA256
d4ebbfbe239d431b30046a3a60d709b69af96d7109cfbdff3712a3922940586f

SHA512
158498ebabc5131fe171881be122d5357ede3772f9cf048d17e814b6715633f01828986ddde84c1a396402a18ac205b32bf154a46b98e5de0dd849cd9af79c48

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
a5db6883c145d3e0d4095e78c83f9207

SHA1
90f91c7d46b25d483fddfb04824a6e83bb7ac048

SHA256
6d2394958e6aec760d69570e2446a40341e207ca5a175cadc846be0f77ded18c

SHA512
f71373ca1d9bb0fe7be2fe4d24f9d42bbe78fc43b4cfcf4cb9504f63959890b9db2724103169164d518599c158ef378205f5048b3b247fea3fc4528421652056

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
5365126ee4ed24529a48918b57b428e5

SHA1
750d61838b58ad4d4cd17d127b7b4ed0627b49c1

SHA256
dca0bb864eaca2d881f6a55d91bf5600adc584132297746dba72f8accf086d2b

SHA512
7cabb9442f0a5bd8820d8da7c8b5ec5b453bce79e75d52cfe2ca617665753042d44fd05199ef4a4da1fc326abcfd672f3a9856d83af4fb0b662dea0a930b688c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58364d.TMP

Filesize
705B

MD5
fe56c2df0a7efb681b73e0cc912242fa

SHA1
d8e6ead2d3344222835addb2b44f79ae93e6f23d

SHA256
c9d0b0cb16e3cef253525916c05acddab5cce5723765639ec948e853b16899cf

SHA512
0e2b28782e52b7c08ac947d9f5034c975c4f02c7cd0e2eca72f0b818c00c95cef9d2f43a2e61474f2f5e52fa561f102ed992e5eacf608f02a69a8f1d04e9830a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
565763b88701d8e288e77d7ff44cdc04

SHA1
acd6eaacd4375e609b4288acb5813af2b08c53ac

SHA256
80e4603fbdbe9bb5ecb7f74bce7d88c8b657abbe3c35fd093c4e17f76e8328d0

SHA512
93041468a3e5ab64cd85cebeb8632344ccb9c23c7c0c29084b8e7d95f6c7a6c8ee039335aed0e291b27dd867d27cab0ca4be31205f150377c9a76ca8c072a25d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
a3d2a3a64939cf0268841cb21ecf11e6

SHA1
100c3e4013e553f6bf470dbb5f77532e123b5703

SHA256
67e847d57195f6350419d7d48128c9956a9f1ca399dbfbaad93a55beaf7f472e

SHA512
f63623b0259ce138d899a0b88727e204ac67a8784e6d3301638b61c37456c102f2550de964f0d85df335138bef2bd23dea92f76874f8dbe208a790f6491647f9

Download Submit