hxxp://Magaljewelry[.]com

Analysis

max time kernel
50s
max time network
52s
platform
windows11-21h2_x64
resource
win11-20240426-en
resource tags

arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
submitted
02/05/2024, 17:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://Magaljewelry.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
4748	msedge.exe
4748	msedge.exe
3876	msedge.exe
3876	msedge.exe
1104	msedge.exe
1104	msedge.exe
3796	identity_helper.exe
3796	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe
3876	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3876 wrote to memory of 4416	3876	msedge.exe	80
PID 3876 wrote to memory of 4416	3876	msedge.exe	80
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 3020	3876	msedge.exe	82
PID 3876 wrote to memory of 4748	3876	msedge.exe	83
PID 3876 wrote to memory of 4748	3876	msedge.exe	83
PID 3876 wrote to memory of 2924	3876	msedge.exe	84
PID 3876 wrote to memory of 2924	3876	msedge.exe	84
PID 3876 wrote to memory of 2924	3876	msedge.exe	84
PID 3876 wrote to memory of 2924	3876	msedge.exe	84
PID 3876 wrote to memory of 2924	3876	msedge.exe	84
PID 3876 wrote to memory of 2924	3876	msedge.exe	84
PID 3876 wrote to memory of 2924	3876	msedge.exe	84
PID 3876 wrote to memory of 2924	3876	msedge.exe	84
PID 3876 wrote to memory of 2924	3876	msedge.exe	84
PID 3876 wrote to memory of 2924	3876	msedge.exe	84
PID 3876 wrote to memory of 2924	3876	msedge.exe	84
PID 3876 wrote to memory of 2924	3876	msedge.exe	84
PID 3876 wrote to memory of 2924	3876	msedge.exe	84
PID 3876 wrote to memory of 2924	3876	msedge.exe	84
PID 3876 wrote to memory of 2924	3876	msedge.exe	84
PID 3876 wrote to memory of 2924	3876	msedge.exe	84
PID 3876 wrote to memory of 2924	3876	msedge.exe	84
PID 3876 wrote to memory of 2924	3876	msedge.exe	84
PID 3876 wrote to memory of 2924	3876	msedge.exe	84
PID 3876 wrote to memory of 2924	3876	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://Magaljewelry.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffdd9103cb8,0x7ffdd9103cc8,0x7ffdd9103cd8
  2⤵
  PID:4416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1800,16860846683045185147,11345942970668794503,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1924 /prefetch:2
  2⤵
  PID:3020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1800,16860846683045185147,11345942970668794503,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2380 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1800,16860846683045185147,11345942970668794503,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2632 /prefetch:8
  2⤵
  PID:2924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1800,16860846683045185147,11345942970668794503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3156 /prefetch:1
  2⤵
  PID:2892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1800,16860846683045185147,11345942970668794503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:1648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1800,16860846683045185147,11345942970668794503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4564 /prefetch:1
  2⤵
  PID:2040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1800,16860846683045185147,11345942970668794503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5144 /prefetch:1
  2⤵
  PID:1796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1800,16860846683045185147,11345942970668794503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5356 /prefetch:1
  2⤵
  PID:2312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1800,16860846683045185147,11345942970668794503,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5584 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1104
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1800,16860846683045185147,11345942970668794503,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5800 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1800,16860846683045185147,11345942970668794503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1
  2⤵
  PID:1636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1800,16860846683045185147,11345942970668794503,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6100 /prefetch:1
  2⤵
  PID:2404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1800,16860846683045185147,11345942970668794503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1
  2⤵
  PID:2400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1800,16860846683045185147,11345942970668794503,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4760 /prefetch:1
  2⤵
  PID:2916

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5084

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2588

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
de47c3995ae35661b0c60c1f1d30f0ab

SHA1
6634569b803dc681dc068de3a3794053fa68c0ca

SHA256
4d063bb78bd4fa86cee3d393dd31a08cab05e3539d31ca9f0a294df754cd00c7

SHA512
852a9580564fd4c53a9982ddf36a5679dbdce55d445b979001b4d97d60a9a688e532821403322c88acc42f6b7fa9cc5e964a79cbe142a96cbe0f5612fe1d61cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
704d4cabea796e63d81497ab24b05379

SHA1
b4d01216a6985559bd4b6d193ed1ec0f93b15ff8

SHA256
3db2f8ac0fb3889fcf383209199e35ac8380cf1b78714fc5900df247ba324d26

SHA512
0f4803b7b7396a29d43d40f971701fd1af12d82f559dcfd25e0ca9cc8868a182acba7b28987142c1f003efd7dd22e474ac4c8f01fe73725b3618a7bf3e77801d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
8155d44abd1d34c1245b2a112bfed119

SHA1
f0f9d1689aa098d258f671417006d05a5f08a9d4

SHA256
045cd6a31bad59b912f42693959850a92f92047e956f7cb4473fd8a526db173c

SHA512
58b3bdf2281cc06f18fbdf23acd539dd4a51de764ae019f8113904ab2d8ea8a5968cbedb6b2e67843dc57aa287af12c76a03efa487484ffeef5f07c5feaf9961

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
63dd84b7fe1460931e87bc0153a10020

SHA1
fdd4daa9809deeca0cad0b4f32044b6ffce09e27

SHA256
b33024be73872b162f4bbb667c33295b53583996fe45dfe565a41458c5cd3e1a

SHA512
3494c1f8e9a48c772e5e676265abb320bd5ce24304ca562d318758ac8f70f2f7b01d99aec7da968b20a32ef5a0599c3ef41524544671cd1b1f1256c40a58f2f9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
34333ef6e93878807a5c6dcbc049714d

SHA1
636ccd2844d3a1fa079dabe2cea0101e3e41b999

SHA256
25f4d19cb5e846d4413810c797a4a6c494764ea8d0cfa1dac92e7cc722856db8

SHA512
33839c4f5feadb3777963b1a9b3f2f365453e85c2b64a86a13125adfc49b26ab6b73ababbfab89af00f1ba9fb4a902e6e1fff83ae5b58f9ef1737a5efe092874

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\63d17cc64cf6bffc48050666574d4beb1e07c873\3611fb3e-b1a8-4302-a199-9f5bb55ae835\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\63d17cc64cf6bffc48050666574d4beb1e07c873\4d9b1520-1754-4473-970f-fbfaa944dbba\index-dir\the-real-index

Filesize
72B

MD5
06a01187d39da42cac04dd18ed45f32d

SHA1
8d40e6dede2ebacaa4a46ca5f42144cdb45412a9

SHA256
93f8f2f039c84c7a1e511ea8e9cc145041bc999ccf33d65bca91c4e93da5a683

SHA512
3af778c3a82004823b26de9865910fe9eff4c34dbb7106a4d26c193b9b7b2a10b66c6955c374acb74191e6b590bcf563dee330a3a0765aaa82d7f4fe7b44add9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\63d17cc64cf6bffc48050666574d4beb1e07c873\4d9b1520-1754-4473-970f-fbfaa944dbba\index-dir\the-real-index~RFe57abff.TMP

Filesize
48B

MD5
d1dc3cd98d23a35369907aad008731fa

SHA1
598b15d777083c1c574f9e78241796650722cc64

SHA256
25df9d74e590412e9674eec41724bc749d02c45a1a95c40444e081f3ed04959d

SHA512
5e34ad8d8f6eb2e69bf593e28d35d59502cb64a509dcb3fe5b5de94fd89a7a5efed7e343b375b05558940d4cf2bbeecb4a3461d77d3cd1b50977c29360c2b205

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\63d17cc64cf6bffc48050666574d4beb1e07c873\ed44f55b-95f0-4dc2-96ee-00a477c14abf\index-dir\the-real-index

Filesize
72B

MD5
8392abacc070e4cda5ddf17d8f41e53f

SHA1
62134602ea945e73deb6f29baa77ed16138fb93b

SHA256
00afe517b6766998c5182eda95e06a9290d2f71da01bb9027bfce7cc520b86b3

SHA512
ccd3d77f6055d68c95f60b54014e66a30124cfc67a2e50ec098cb1b6e54e2b2a8b868191614459b4cdc05f79185ec0d8531b8f040d9381ce95b793817057d1b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\63d17cc64cf6bffc48050666574d4beb1e07c873\ed44f55b-95f0-4dc2-96ee-00a477c14abf\index-dir\the-real-index~RFe57b72a.TMP

Filesize
48B

MD5
45a0d7beeefb5dfe3a8292bcac366a50

SHA1
1a312ed58ba811d39ffc225af16bdbd3721b8a55

SHA256
3132f152b77b3901c3eed31cf0565f3224d73bc8009f0518e50360932855787e

SHA512
7cc340b74b650f3a762b45ef1960d0928019d3b2ede2e665512c8845f7a20dc2116b4c6c83b368d2439955de5fc773f1482730658de46ad30cce2f218fd2a9ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\63d17cc64cf6bffc48050666574d4beb1e07c873\fbc26940-69c0-47ec-b237-bf264437907b\index-dir\the-real-index

Filesize
72B

MD5
38c8e5881af53b7e8b2581751f2cbaa1

SHA1
4922e168880218e0a18c0b42856677ad7f49dae5

SHA256
278c026564dc9161f30d52884242bb8d362a6d4be8ad21dbb400af20b8e52eae

SHA512
d7ee5d5440433651f76a17c5a0f34dce42f554207ed948f967df464c652f67ceeaf667a62332ea3ecab3b92719da69828fa6d996ac8a3966042104d0c7eaa71a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\63d17cc64cf6bffc48050666574d4beb1e07c873\fbc26940-69c0-47ec-b237-bf264437907b\index-dir\the-real-index~RFe57abc1.TMP

Filesize
48B

MD5
7934f37c3556f2c2f918153076058668

SHA1
ee21f15f7a68f6fa6d87728b5e3f422cd8cc3bae

SHA256
faebc979032fd4ebd63617ae159299909afb726ff9c08e18c11e7492debe2942

SHA512
4c948d34bf4dc0c1c827b82f2f10666e3c83608ac1df2f2cb7512fe5049484a34e6dca48586fc350b93a589d440078c957a5e5ec422a9fbc8622c65a1689a05d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\63d17cc64cf6bffc48050666574d4beb1e07c873\index.txt

Filesize
109B

MD5
a0c020303456cc837373abcd49d923a5

SHA1
39b29a8027b176c62f91548db425124739815daa

SHA256
5653305b149fec48dd49edb964997b8794593505b9478103ca1a0b23270dbc98

SHA512
a2ddde9ca37e6e3d1ec17026bef3925662ef5dbc34c22c4c6c597325e0615178a7c73e954bec1e37b88a0b29a6271d977b3a6e1618b52d9738d9da1409edd020

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\63d17cc64cf6bffc48050666574d4beb1e07c873\index.txt

Filesize
187B

MD5
1eb1fbe4fbfbea7661380da58246b480

SHA1
d603a919f41cbef53d7ada3caeb52571f1916ad5

SHA256
96305c1ec2d2aa7b2b16d72ff265fa08f660b46a005e2ff8c9a03d6e0548b836

SHA512
1a7a463a953eb890d701920c2eeff062d615cd2d1d6a573918238d834f10dd4a0c29687168150ce1df40f0b1f96d7c5658cf942ba53b4329284dd537aeb2e0a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\63d17cc64cf6bffc48050666574d4beb1e07c873\index.txt

Filesize
245B

MD5
434c03ac5734488fa182249cb62de64a

SHA1
01c4a05e1e67627ed42ade0ac6ef869eadc5103b

SHA256
57703b2a0f67cc71aeacb7315430cfe8f7383a77730ad0f2fa44284c2d2a142e

SHA512
071680c202dc01bc0fd697b64bdfb83b58854eebfc55636a52aed2606b5ac557d61ce237c942b702717784a1bf11f5019c3ac0d49ede97a4738c95dbfe8c9325

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\63d17cc64cf6bffc48050666574d4beb1e07c873\index.txt

Filesize
372B

MD5
56b25cc664e6d6247250e15eb3b95909

SHA1
4fc02fd4e6307ed58034499f6a1c327a613fc0e5

SHA256
9326fbb5ca6967ed07fb9f749146360c73681a24098fe2c08015dfb4e4c9ac8a

SHA512
80dffa5b478dc595da30768672f20dde8591a3e9bc4615eb857fdf38f39c495f6caa2db07fd5aac9918ea5db660d819dc04272bd11884984fb02fd1e2770dbad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\63d17cc64cf6bffc48050666574d4beb1e07c873\index.txt

Filesize
436B

MD5
2b9a7d40e144c321f8547b9817c721ae

SHA1
fe63f5b0a4d2cb27ff6645f6f0cd2e6d25b4b59a

SHA256
6aa94d2c0550e22a75291c8603fba2509ca2a441c1a2a6f0903c6d1cb164b9d0

SHA512
1630f8e587729823b5ac2a2cd3ad57e3a9fedb55a42bfc28dfa1041803722779a304cef2e2b3e3fa26189cb6dce1c41b5e2f221ca0498cf78a800028480e8b62

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\63d17cc64cf6bffc48050666574d4beb1e07c873\index.txt

Filesize
494B

MD5
bbb78fbaa7fdf878c0a3afdc1a8c3857

SHA1
c5d78d240244ec2b5675cd7438e2ce0c276603dc

SHA256
868c55c7d2629107b9c71d86870046cb29edacc7d66cd8b9f3dc891368b7bfc5

SHA512
6df75834124af166d1ea2e717a7fa0334d9924f7bbf08c3abf4f4652c2ce10dc42d9ea84e559060a0cbff90158f137363ffa6aad150b200b6991875e6af7a1e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\63d17cc64cf6bffc48050666574d4beb1e07c873\index.txt

Filesize
318B

MD5
9383f23d9e47f5483329c329bf4f436e

SHA1
80cda72099ec2eca0483c5b7167e8a7664197817

SHA256
8e7b2cc8df8d855286a05637cc1152d8a6f9f2207b2b3cffadbc00b474bc2aa6

SHA512
398e353ea38fec9b6c16b61322cea3895779102a479c41cf33b4c6f96aaef4b7fca1489755465dca20a987cc5f9344f5e359e9b7826cf9f7e0d997c475d3d4d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\63d17cc64cf6bffc48050666574d4beb1e07c873\index.txt

Filesize
488B

MD5
b708d538cfba5e0a4e57fa708e112cd3

SHA1
61fdfe5aa1672d6cbd73727c192b2fe66eaf7950

SHA256
5b873f53dfd5d54a4695d5448dbf9763d003c80a4c36ba94ec668fa0acd984b1

SHA512
63ff2258f2caad3431e67c81da8594d052a4d795699f499fa6cb81cd913656ea7d36f3a4b7465da58b0ae6325e098ebaf4c5e7ca5befbe0b6a42fd2b67e0826e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
ee39a9a2ff8dcf7ce81499972ce8bfe9

SHA1
44dc8d372f13a9a3c45582f689761c63e389192c

SHA256
2a7f677f1e1b60f92e4f7c37d1e3c87a26e4fb1956352b7da36fc042b79b40c9

SHA512
9374ff64f756992d09e20933cd597ea10e585cd0676fd6736a67f3185aa0aa4830c62c619de529ca27cb6a752ba5509992af6420bb45188c7a5e87627562ee86

Download Submit