Analysis

  • max time kernel
    296s
  • max time network
    299s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240426-en locale:en-us os:windows10-2004-x64 system
  • submitted
    03-05-2024 10:27

General

  • Target

    email-html-1.html

  • Size

    23KB

  • MD5

    9abefa7e54e4b3579f30176b369564d7

  • SHA1

    d898d1dd4a72424c5b8a8b37a237f0bf1580bb83

  • SHA256

    627164b9cfa758a3bdb0f4efb7b8d3bfcb3f7af769c7623c08aec2b68034dba4

  • SHA512

    053412c36d992de78f75505be6b67553bf7d589798cf8342bda79a0989ce402087ff9bc1981f322f92f1fec36003bc268a8188c78ee2c9b3d4d1b708bb8419f2

  • SSDEEP

    384:MHrAVjfzAJimux3qE6dOlNU2yFwhh9l58VuPpmlRhnEJi5ET:MHrA6i7IEkIjyFu558VipmlRaJio

Score
5/10

Malware Config

Signatures

  • Detected potential entity reuse from brand microsoft.
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 20 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\email-html-1.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:336
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb8a9846f8,0x7ffb8a984708,0x7ffb8a984718
      2⤵
        PID:3836
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2088 /prefetch:2
        2⤵
          PID:3488
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2516 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:2904
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2908 /prefetch:8
          2⤵
            PID:3452
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
            2⤵
              PID:3888
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
              2⤵
                PID:3432
              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5212 /prefetch:8
                2⤵
                  PID:2396
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5212 /prefetch:8
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:2276
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3968 /prefetch:1
                  2⤵
                    PID:4324
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5652 /prefetch:1
                    2⤵
                      PID:3428
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6124 /prefetch:1
                      2⤵
                        PID:1564
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
                        2⤵
                          PID:4648
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5916 /prefetch:1
                          2⤵
                            PID:3772
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:1
                            2⤵
                              PID:2892
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1
                              2⤵
                                PID:2872
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1888 /prefetch:1
                                2⤵
                                  PID:3688
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
                                  2⤵
                                    PID:2288
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5708 /prefetch:1
                                    2⤵
                                      PID:2692
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
                                      2⤵
                                        PID:2812
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6408 /prefetch:1
                                        2⤵
                                          PID:4532
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1
                                          2⤵
                                            PID:2272
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6696 /prefetch:1
                                            2⤵
                                              PID:4528
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4696 /prefetch:1
                                              2⤵
                                                PID:1456
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6520 /prefetch:1
                                                2⤵
                                                  PID:764
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4772 /prefetch:8
                                                  2⤵
                                                    PID:3776
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7028 /prefetch:2
                                                    2⤵
                                                    • Suspicious behavior: EnumeratesProcesses
                                                    PID:1848
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1
                                                    2⤵
                                                      PID:4732
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6089435721171834588,9192788289336203040,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7084 /prefetch:1
                                                      2⤵
                                                        PID:1644
                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                      1⤵
                                                        PID:4652
                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                        1⤵
                                                          PID:3600

                                                        Network

                                                        MITRE ATT&CK Enterprise v15

                                                        Downloads

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                          Filesize

                                                          152B

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                          Filesize

                                                          152B

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\0bc8ce56-c44f-47ad-9de2-a5d23f506781.tmp

                                                          Filesize

                                                          1KB

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

                                                          Filesize

                                                          79KB

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

                                                          Filesize

                                                          35KB

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a

                                                          Filesize

                                                          25KB

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000048

                                                          Filesize

                                                          22KB

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

                                                          Filesize

                                                          1KB

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                          Filesize

                                                          1KB

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                          Filesize

                                                          2KB

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                          Filesize

                                                          111B

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                          Filesize

                                                          111B

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                          Filesize

                                                          2KB

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                          Filesize

                                                          2KB

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                          Filesize

                                                          6KB

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                          Filesize

                                                          6KB

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                          Filesize

                                                          7KB

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                          Filesize

                                                          6KB

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                          Filesize

                                                          7KB

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                          Filesize

                                                          7KB

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                          Filesize

                                                          1KB

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                          Filesize

                                                          1KB

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                          Filesize

                                                          1KB

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                          Filesize

                                                          871B

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                          Filesize

                                                          1KB

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                          Filesize

                                                          1KB

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e407.TMP

                                                          Filesize

                                                          539B

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                          Filesize

                                                          16B

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                          Filesize

                                                          16B

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                          Filesize

                                                          11KB
