hxxps://url[.]com[.]se/beast/

Analysis

max time kernel
297s
max time network
300s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
02-05-2024 15:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://url.com.se/beast/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3532	msedge.exe
3532	msedge.exe
2284	msedge.exe
2284	msedge.exe
3672	identity_helper.exe
3672	identity_helper.exe
3524	msedge.exe
3524	msedge.exe
3524	msedge.exe
3524	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 16 IoCs

pid	Process
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2284 wrote to memory of 1732	2284	msedge.exe	84
PID 2284 wrote to memory of 1732	2284	msedge.exe	84
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3124	2284	msedge.exe	85
PID 2284 wrote to memory of 3532	2284	msedge.exe	86
PID 2284 wrote to memory of 3532	2284	msedge.exe	86
PID 2284 wrote to memory of 1412	2284	msedge.exe	87
PID 2284 wrote to memory of 1412	2284	msedge.exe	87
PID 2284 wrote to memory of 1412	2284	msedge.exe	87
PID 2284 wrote to memory of 1412	2284	msedge.exe	87
PID 2284 wrote to memory of 1412	2284	msedge.exe	87
PID 2284 wrote to memory of 1412	2284	msedge.exe	87
PID 2284 wrote to memory of 1412	2284	msedge.exe	87
PID 2284 wrote to memory of 1412	2284	msedge.exe	87
PID 2284 wrote to memory of 1412	2284	msedge.exe	87
PID 2284 wrote to memory of 1412	2284	msedge.exe	87
PID 2284 wrote to memory of 1412	2284	msedge.exe	87
PID 2284 wrote to memory of 1412	2284	msedge.exe	87
PID 2284 wrote to memory of 1412	2284	msedge.exe	87
PID 2284 wrote to memory of 1412	2284	msedge.exe	87
PID 2284 wrote to memory of 1412	2284	msedge.exe	87
PID 2284 wrote to memory of 1412	2284	msedge.exe	87
PID 2284 wrote to memory of 1412	2284	msedge.exe	87
PID 2284 wrote to memory of 1412	2284	msedge.exe	87
PID 2284 wrote to memory of 1412	2284	msedge.exe	87
PID 2284 wrote to memory of 1412	2284	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://url.com.se/beast/
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8355b46f8,0x7ff8355b4708,0x7ff8355b4718
  2⤵
  PID:1732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
  2⤵
  PID:3124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2788 /prefetch:8
  2⤵
  PID:1412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
  2⤵
  PID:808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
  2⤵
  PID:2688
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5192 /prefetch:8
  2⤵
  PID:548
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5192 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5332 /prefetch:8
  2⤵
  PID:4224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1
  2⤵
  PID:4916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1
  2⤵
  PID:1592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3140 /prefetch:1
  2⤵
  PID:116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3476 /prefetch:1
  2⤵
  PID:60
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3128 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4660 /prefetch:1
  2⤵
  PID:3308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1
  2⤵
  PID:3492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1
  2⤵
  PID:5060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6112 /prefetch:1
  2⤵
  PID:4676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5604 /prefetch:1
  2⤵
  PID:1860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2248 /prefetch:1
  2⤵
  PID:4948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6088 /prefetch:1
  2⤵
  PID:3516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4852 /prefetch:1
  2⤵
  PID:3736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6088 /prefetch:1
  2⤵
  PID:920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,15117910930996303701,4711132833783838450,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
  2⤵
  PID:3900

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3160

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4916

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8b2290ca03b4ca5fe52d82550c7e7d69

SHA1
20583a7851a906444204ce8ba4fa51153e6cd494

SHA256
f9ff4871fc5317299de907489d466e630be63d698c8f7cb77cc81faddbecc6d2

SHA512
704ec8122cc1c263dff67ddbb5c20ee0db8a438674d716bc3be5b266ee5629a219b0049d721f9eb2dd8f2d8fda0163659eaa4d3e1f0a6e9072a8ffb92bb2b25d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
919c29d42fb6034fee2f5de14d573c63

SHA1
24a2e1042347b3853344157239bde3ed699047a8

SHA256
17cd6de97a0c020cb4935739cfef4ec4e074e8d127ac4c531b6dc496580c8141

SHA512
bb7eadd087bbcec8b1b8a49b102b454333f2f9708d36b6ffc3c82fdc52e46873398d967238c3bfe9ac6caef45b017a5fe3938ebf5f3053e4ef9be7b2752b563d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
816B

MD5
e3b2530da57ed1cc057f1d7c573cd5bf

SHA1
74f96e662f104f2d7ec3fb22306f00d2256f573e

SHA256
9deed9468cfab659be56947a27344469558436d0e523745cf9a2335db20a7bbc

SHA512
fbd04990221f83923832f9bf9047d9d3b7d0bb532e0f2afd060e171a06c2de3a73c02c6a33967ccf244c9a32b8f22ed74371697b82049c19c38fb55fd3843ac7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
6caf78b949951372d3fffc4bfde6a00a

SHA1
e8f733e8d193025fc021d74ae14dd0f6996783eb

SHA256
b5b8cfbdd402a55aa7211f5225acca358e68ad459fe59e90f0e844dc4e924fae

SHA512
f9c628fdd5f6630a485265d7221b9bd83fa626ef24874c2cc9f40b630bca7ef020998c7a4428ac89d47837041ff68378e9d0de442591859051921fd130893ad6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
600B

MD5
9bafe903a505ef7b9991a3ec7b322205

SHA1
f360972aa583ee786eefc1fc1f801a36eab44dc2

SHA256
e269827c042e26be9a379da93328bc4ccbd538a716416b2c9b07183e5ce5d43e

SHA512
92c3a8185c2314e35716d3e892551777ab40248ac80ad3562249f63ddd1cf650538d80f5e587760b1b7ad93b13d215b8afec72274b6df2bc1dc82b6658e3b727

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
af050fd7f2ce5a6789f1b9527e927d12

SHA1
2d0708590c6b73c365e310c8e81f2805cb96e380

SHA256
3c624cf51d5fb2f96afc16a0764ec27275a3e74230a58e3043baf82081e7dc64

SHA512
0d4e5af8683e6401772dd13f25b92252fb46e4fde166747f888b782195d1bf44fdf954c3f649a439c1e361ed2f87082a5cbe592c646c4c12bec4c37979d31c6f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
66d2de828986a6965d651e816f4d6b13

SHA1
1039884745a44c144e84d3fcac38131d3e0b25ab

SHA256
957269fb90e7ea6f8dbd075bf855d02510d71268d4c1277ce4d72eb40bcdd528

SHA512
06a4c2fb97b1d85bf5d72b5f3cf1536f9ef254494ab0ad06ebe6a552d20bc3f9010f4e690a8fdfe40e77bbedbb41acd750830e6b51ae4c5daa63cea3169253d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
73dc3444b4d97c49942a3713a7d4109e

SHA1
e1241e3967cf5de734ed5dc7718e9cb0b46dea4c

SHA256
fc548547b5a73762b2e73801ddca5bfebbe986bb118f53df79a5622c4aab29ec

SHA512
488b0cf7820b22270a8897064606efa604f11aae6afab91808531e5f8c5f2aad01d9da93de2cb1e2054eff66c62be1c9f4611a53b7b5c3fdbe5f43997e5a85f8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
b528a36591394296f88d61651d6828f9

SHA1
f39682aad39e1f869fa4894e2ddf08b455fbd6a8

SHA256
abd5b29d07f96a3a184dc171dccfc81d9fd02b314d48280d194b534798b057a6

SHA512
aba42fd1759faa0f7a713a53c7499399c959cc8be780807496a814c18d2c55817a6919981583c9f8ceda8c7bf8e9ed414da2e1a06a069c6bb75660fb27c6aa2b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
cadf8b6a5d3844e83c15dd4b48ee5c4b

SHA1
95ffdba55fbdb73688f128bb9cb48458a0988515

SHA256
87ff0203ac7dd2173c409d1ed72a0b3a74713cb0e2940771ffd8970f6a2e3d32

SHA512
31ce543d344c5c4d557d22fffd5eb75d0caf540cd32fa80cb1f525d245d4254843b42cefd41a539a5774ea210dea29e7d8caeb2b689c19a7dc7c9416282f8989

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
a03764121dff0aad3198e786f1d32303

SHA1
92645b4beb14dfa447224315ff446dea8b299c05

SHA256
4da4c67941c653fce90864173ea0e0dd6ac2358a59dc69faa8282fc868cf5d9f

SHA512
e3dc1f2079ff9efcda77f9f0309c565480694b85a6bbb1883e052dde6f341a0b778b67eb7e39782aca34d1edc42af8751349268c900dac6d0f0783b858161e89

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
fe8eb1a8bbac40563278584735242ade

SHA1
91676767799427ba5c9cbd1b31c9a0aea75d59a6

SHA256
5d3667c9a3df00229895734eed156c6a1d5efbe9d04d1cbc5015d3f3d1251309

SHA512
4cc2c036f2e6946eeef3f50db84ccd50b5049377ef9337c103dd205a0e14e30d56f00abdd36657ebe1019cc1034ed90ebd8e94250f98e49fc9fb99e639907c76

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
106369703f93abf9f710979e3e9bdf55

SHA1
c81d81e0613aeae361d9229830150e0bf904354f

SHA256
c6d54b2ee59971e3121d2fdcf70f8a411557a2472073c82733dd500f22f07430

SHA512
95b8f20e29185902ba4bf9a5a7c4f025e96852e32af0ad681d282b9d2434eb3dd449f52203e058426ef2d8668e298811c228799bbbbe1caf92052c8d1ada08b3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
00bb847f685f1043665e6fa13018e810

SHA1
6551c7773e376ade33f0a705674d0e18124c0cde

SHA256
61dd98f29850e17d5221826c1d6e6f77041d0c51da301b81e683c659ff75d49c

SHA512
57804b343895163905e4c6bf898ed67aafa94f8634e9be8b116f62a32279de81d1d415058fb0ac581fad117ce550c0eee4e6680661421c0200d277c82c88e530

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
4cc6f5b6c13519c8f08bc3ca131f675f

SHA1
5bf8bc9556250406843e3dee8c7235a0e5f3844b

SHA256
9148cefdaa08a92537b64fa09af43c117ef5189b41bce45c135db1932ea46614

SHA512
a78da0435e8d15615972ff47ad79b922d626b7887504377ef65f4858e9db42877bc82ee9dd47f9b9ec92602f048f7c8102b3a8410e070661ae0f363307bcb5e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
9596de312fc984c9b00f20f0cad72630

SHA1
9398eafaf264098aa4225a0592dea9d85a380ec7

SHA256
25026b4f420744bdd53247bfcc881ebb052bfc2cf592f6e3f0197d804d2e83bb

SHA512
e7d7ec4a5e52e1b4f3a62f15c6107391e5fb37af3c3b742603f4f9b52166ace3cc7b0580431f97e03a40ac3899ad2cde6b512eb2e8d7effc0d5ceb424082cb85

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
c1073f529126ff543ba67cbc5f62e9de

SHA1
495dbc7de8f5fe4c9f7cbd2924fb7cc07b407192

SHA256
dca618a2894b472131e19fd8d44e3bfa83fd49bd9621cd3a000da28cb866fcb7

SHA512
be13dd2a1fe0f1e819abc6177360ea69a7782bc8808bbde197cf09634edf73f417d65c58b9dacc5a9e0c95dfcc032506c6c61914dfccdf8d4a4d43b07cf58b22

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
03d706315d063a299c239416f65d8492

SHA1
b054e12b5d6d23ba9f213d61fad3733e3b682950

SHA256
cf121c3eb88581927b01bbbb8660d87b4c38f8f0e7ca2faa41b1487b5c8e8ac9

SHA512
7b25717deac78984229d08b0a861441273580f3c5fd33530b9d78f3f2bc61f9c643bafa57c9a29ab923091f1a9c2708618d1c9f0d69169e58eb30c79850076b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
8c40e7c8b94b866f27ddcdcc0aa0a408

SHA1
bca6822108b96d53e1e5717b3c4399119574ce29

SHA256
50d2fa2f3e4edf641613abcb1d2e71720b375fe25bc199e2606c3140ab14dc9c

SHA512
79d9ead5a0c76fb3aec1914596cfde71d80426757bd154d9d1ba4bb6f4b9b7def234756d063c3c8b33831f60c011a0ce09973f10aeb2eea93ed0b56ed476124d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
8a16bb4c67f1862308164dcf01da48c6

SHA1
ae928f6283bc6c2df20b449998a80a9cd60605a4

SHA256
dab878e2da54836ed4901dec8d3f972e94a1da6ce727e10802eb2429d4c3ba26

SHA512
9096698247fe40f1d401c9e415854dfba8541c0feededea2377d4c26a2df56852c0a93316415522bf6223ada58b596ca50ba0dabf2c7bf28b676d4171aa8d19f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
67f61a01b8c7c9a93c208748c2e48ed6

SHA1
95118f336dee953688b27fdd07f7326f8fe73281

SHA256
96e8bf6d63e0449d75f7696e4d171542fcd00d470d564f5495add821cc990967

SHA512
e0fcf1f4794332630198062e1dac989f3c1fcf44ddcbddeca29f2e2ab62f7325a9a8163f8695a287c7d15828c304e04132ae0cfcb07b1f6a56e3bfc620f51fed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe59d75b.TMP

Filesize
706B

MD5
3b495c8c80f8cc9c9c19883ab3033901

SHA1
58f63ed8eceaa6a74c1f88ea81e2e35a7ab39bb6

SHA256
e4989b259c0061df7bb70a6a9ae95a07324cf95bcdef9fe02e30816f92028bdd

SHA512
dea8e0f1daf7d2ecfb6b50c5eeeed15cc237e9b1e2e5d13602c47678575a789bb3de11e378d35f73d09c61492c0049f3650a0d6e8430ea50bed014fd8bc69b79

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
608ad23c37aee37346ea22d799070060

SHA1
fc2275714521165a5c60af32c2f0c7bfb31d0f80

SHA256
5224242d9d3dd79f191cf9943e65a5f0ce1efb96ec4e136f418ab8e43a78ba30

SHA512
1a7b44d15c3d0355e6d128d2f45d6b3df996d85bf042dd2ab95003ca74d6e266e3867d7e6ede2419313f34bd7c2ab9706e35501cf972acf066669f93fe6b02ab

Download Submit