hxxps://trigonevo[.]com

Analysis

max time kernel
145s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
05-05-2024 12:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://trigonevo.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4018855536-2201274732-320770143-1000\{ADB67652-ACB8-44BB-A5F8-2A054F7712F9}	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
2404	msedge.exe
2404	msedge.exe
4288	msedge.exe
4288	msedge.exe
2864	identity_helper.exe
2864	identity_helper.exe
1532	msedge.exe
1532	msedge.exe
952	msedge.exe
952	msedge.exe
952	msedge.exe
952	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 36 IoCs

pid	Process
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4288 wrote to memory of 1904	4288	msedge.exe	82
PID 4288 wrote to memory of 1904	4288	msedge.exe	82
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 3624	4288	msedge.exe	83
PID 4288 wrote to memory of 2404	4288	msedge.exe	84
PID 4288 wrote to memory of 2404	4288	msedge.exe	84
PID 4288 wrote to memory of 4432	4288	msedge.exe	85
PID 4288 wrote to memory of 4432	4288	msedge.exe	85
PID 4288 wrote to memory of 4432	4288	msedge.exe	85
PID 4288 wrote to memory of 4432	4288	msedge.exe	85
PID 4288 wrote to memory of 4432	4288	msedge.exe	85
PID 4288 wrote to memory of 4432	4288	msedge.exe	85
PID 4288 wrote to memory of 4432	4288	msedge.exe	85
PID 4288 wrote to memory of 4432	4288	msedge.exe	85
PID 4288 wrote to memory of 4432	4288	msedge.exe	85
PID 4288 wrote to memory of 4432	4288	msedge.exe	85
PID 4288 wrote to memory of 4432	4288	msedge.exe	85
PID 4288 wrote to memory of 4432	4288	msedge.exe	85
PID 4288 wrote to memory of 4432	4288	msedge.exe	85
PID 4288 wrote to memory of 4432	4288	msedge.exe	85
PID 4288 wrote to memory of 4432	4288	msedge.exe	85
PID 4288 wrote to memory of 4432	4288	msedge.exe	85
PID 4288 wrote to memory of 4432	4288	msedge.exe	85
PID 4288 wrote to memory of 4432	4288	msedge.exe	85
PID 4288 wrote to memory of 4432	4288	msedge.exe	85
PID 4288 wrote to memory of 4432	4288	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://trigonevo.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffea93746f8,0x7ffea9374708,0x7ffea9374718
  2⤵
  PID:1904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1976 /prefetch:2
  2⤵
  PID:3624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2416 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2716 /prefetch:8
  2⤵
  PID:4432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
  2⤵
  PID:3916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1
  2⤵
  PID:5056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4640 /prefetch:1
  2⤵
  PID:2012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
  2⤵
  PID:456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3888 /prefetch:1
  2⤵
  PID:3300
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4920 /prefetch:8
  2⤵
  PID:4268
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4920 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4928 /prefetch:1
  2⤵
  PID:2160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5712 /prefetch:1
  2⤵
  PID:436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3636 /prefetch:1
  2⤵
  PID:4352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3428 /prefetch:1
  2⤵
  PID:4864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
  2⤵
  PID:4548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3508 /prefetch:1
  2⤵
  PID:3160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3584 /prefetch:1
  2⤵
  PID:2808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
  2⤵
  PID:1260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5968 /prefetch:1
  2⤵
  PID:2808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
  2⤵
  PID:2448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6480 /prefetch:1
  2⤵
  PID:780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1
  2⤵
  PID:372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6716 /prefetch:1
  2⤵
  PID:2764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6872 /prefetch:1
  2⤵
  PID:3748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6556 /prefetch:1
  2⤵
  PID:400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6516 /prefetch:1
  2⤵
  PID:1184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6928 /prefetch:1
  2⤵
  PID:1848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3608 /prefetch:1
  2⤵
  PID:1164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7052 /prefetch:1
  2⤵
  PID:64
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6812 /prefetch:1
  2⤵
  PID:4076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5928 /prefetch:1
  2⤵
  PID:3960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1776 /prefetch:1
  2⤵
  PID:4528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6812 /prefetch:1
  2⤵
  PID:3328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5236 /prefetch:8
  2⤵
  PID:1928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3468 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:1532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6428 /prefetch:8
  2⤵
  PID:3404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5412 /prefetch:1
  2⤵
  PID:3356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6452 /prefetch:1
  2⤵
  PID:1260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7432 /prefetch:1
  2⤵
  PID:2920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5752 /prefetch:1
  2⤵
  PID:3732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6388 /prefetch:1
  2⤵
  PID:4108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6588 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4876 /prefetch:1
  2⤵
  PID:5544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6572 /prefetch:1
  2⤵
  PID:5236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16268159558086109210,1500707327809458154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6644 /prefetch:1
  2⤵
  PID:5688

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1360

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4000

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4f7152bc5a1a715ef481e37d1c791959

SHA1
c8a1ed674c62ae4f45519f90a8cc5a81eff3a6d7

SHA256
704dd4f98d8ca34ec421f23ba1891b178c23c14b3301e4655efc5c02d356c2bc

SHA512
2e6b02ca35d76a655a17a5f3e9dbd8d7517c7dae24f0095c7350eb9e7bdf9e1256a7009aa8878f96c89d1ea4fe5323a41f72b8c551806dda62880d7ff231ff5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ea98e583ad99df195d29aa066204ab56

SHA1
f89398664af0179641aa0138b337097b617cb2db

SHA256
a7abb51435909fa2d75c6f2ff5c69a93d4a0ab276ed579e7d8733b2a63ffbee6

SHA512
e109be3466e653e5d310b3e402e1626298b09205d223722a82344dd78504f3c33e1e24e8402a02f38cd2c9c50d96a303ce4846bea5a583423937ab018cd5782f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
200KB

MD5
a484f2f3418f65b8214cbcd3e4a31057

SHA1
5c002c51b67db40f88b6895a5d5caa67608a65ce

SHA256
79cbe928773386d07f0127f256f383debed5ccea5ff230465bf46ec7c87319d6

SHA512
0be1bb8db08f6e6041a85cfee90cd36a5b595afbca34d52a125465454fc806b4bb7ae569eaf4c882922fb1b962b6060534e597791cd0ad23483be5981d9be85c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
50KB

MD5
bab70dc75f730788e3f291f39be62659

SHA1
ff38b017768650983f6780f03f1ff61adf346d87

SHA256
1a507ee82196eaf35306b730f92f4420aa422569788bf3e76a072d9d476b1de8

SHA512
d9842c31c10a80fe04bb2f7e4239854338e3c1eb35fade4fd67c0f2df3495ef86e88d47a11c6844bda1f55e30b24c37c35e5e75cfef3ef93eef2832ce979ddbd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

Filesize
116KB

MD5
4fe8dc8d81b919454aa36e24f6cabc2c

SHA1
0d4fabf48fb97575d397c148601dc89f85df98d1

SHA256
bba5e75961fe57f4b0fe9933db335219adad27f339a10c092e62814b9fa37001

SHA512
7b16dc1c1a240d7c645265dbb1e48d608110053e95093ddd9cc1312c49e2409f799fa8be51a7d5f2fd680003be7f7cc6ff221a4f4381b321d74d878303f6a35c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

Filesize
26KB

MD5
050a643606ede5f4459f15ab42ef658e

SHA1
e5ca7a0dbfef1228604b94d58cf619057e24afaf

SHA256
a7725581f9b9aeff5856ef888347c7bb6d0bbb8516a7b089ab6b3443abf41976

SHA512
f1be7e85be6b1be0b159219e49795ebc3e12608b1a4a9ef4df72885126c89bd1c9291e172529ffeff128a9a49a76cf15054b983048922f8d7d4994764c9f3f75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

Filesize
27KB

MD5
ed59959dc5f41ff2ab1dd0ce73f83f4d

SHA1
fbe1ccffc148701eaab5141eea8e848f871e4c92

SHA256
867fcc29b69777b4e0e32977a929b76658393623e46a7ff3f00361224c709963

SHA512
b2c6c937bc7716db32707934c7f292fd013ba2cadff290e2d622655e6b83e169cda4a0ebc7a9da956c7897fc00ee236eba844070bc0beae089f53b96552a6f10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

Filesize
31KB

MD5
15482ac65022328724046fc444f32c8b

SHA1
5e6ad56df74650015e5c56865ab17c1573c9e472

SHA256
e0b082ca5ad3930319f4825efec55df3a06cbf7bce37366fa37205a04651b792

SHA512
354d2a35489a237b7c15715d411be35a0c5dc6ec8de1c280ba081628b61c4879c42abd36bf5d6c501d278541e87d4cef49ef3a17b5840c8c9fceac73dba5dfb2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

Filesize
22KB

MD5
094a6b103270d145a46c5fa1eaf78cf4

SHA1
dd045b6a682d155625c54d6164b706158cf02d7c

SHA256
489ba81eb8868eb62421e5aacbfeab22d6ea9e387c227b182f32692c550c24cd

SHA512
85ec58723e35d3d1ad08e2973350082c47e6d7806af591c693bd0dbcafd8302766d4b748f313a23551b36155af2ffc8e8b759e0eba7e47a4ce85c11f390a30ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

Filesize
42KB

MD5
164be23d7264175ad016a13a0bcaf957

SHA1
c35ce3510b46a12a5ad3f73edc9ac18eb1e8018c

SHA256
4bb1ef87d7b93cb72976e936bca7f607d5dee5517dfa739fcf403a2cd130f6d7

SHA512
7dcfeb8007467dec38af535e1240cbd15e951735720e66e5887d7c69404edc2b2737fce054a369726b46b5a2038bc296b136615dc981d56cad7a8d674cb88aba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

Filesize
19KB

MD5
cfabbcd29935bd7b97eff9c96c4b48db

SHA1
487cb972e6f6d9e87039d9307ce0bdfdb9b36f00

SHA256
05175d421ed1fffa52ae6b38275e4e382378f2f97b61df1ba4082d4c43b37453

SHA512
4cb8d4a8f7f22ff5a680a141cfe44cf74473559e1795826a239185e290fe95f25b13c0fd73e75ac1209df29ad9cf133b321c60aaf365249b91a9c4854b7fba08

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

Filesize
62KB

MD5
be87ba7e57b063801210196bd07e078b

SHA1
0384f8cff41132e206882fde73a6d530e4345b6b

SHA256
1c57b06c205d185ac807bb12d1962caf6c29bf331b852543bf2a6a80b2c341c8

SHA512
42dcebe61edc9fe52ee8c863ce36e00132ab2f3e85a48f98440055996e0446d16d4034b68c2f60f3f7ec242bd455354f406c8e26f0e1ee380a0df79163f0f7dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

Filesize
28KB

MD5
314fd6de476c090fb3a460db973c13ae

SHA1
73bac1af55a9e3a8c4bddcb6f47dd33fba2883b1

SHA256
470a893939ed6bfd9e81dfb23aae63d75bd5b46b0874bc3b887a4d73745230dc

SHA512
ae7b2d51f39722e16a704008bc36d3bab206998bfb504da25ff70e228eddcf94f2a47e183ef8a60d46ef143aad648f83a49c8b0c377c7692dc6a9a4b1e93f784

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

Filesize
104KB

MD5
968513e656f19a84e4ebf35f0584dd8e

SHA1
c782872e0e04bb72f4117637e0c5095214d10ff6

SHA256
3a74c98e0cbeab86161098d101f72a9b134b79d9a6744b3a5f6c314c2e2976b8

SHA512
238e44daf55a4e60c5167f9e9f5f8746e5473fbd6d7774a82ebe160f8d5b9c212e1e12935774e5ee9ba7a43f714c3961a09b108c20aa8ce65a2384b45246c234

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

Filesize
56KB

MD5
b0a8579dbb3e07be05e833ea925a0e4b

SHA1
07eda19052cd108154d49168f7cbccd15e2fa3d5

SHA256
0a5d2cc3430ad71f3a93e631c4dad3d095d4846c12d4dfbb9f137ebc23cfd2fb

SHA512
5987cf7c63447ebaace01429f02a65c7f86f16e4bf368fd6dac4821301a9ded1ca591199ddaa1bb399b6d9125598e02e5e229bac5734dfb3e0ca293512b7ce3e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

Filesize
77KB

MD5
9ec41a95a527b31ebc55f9bf8d113509

SHA1
fc92a7c1bf7aa3fc2a1b88d68b1a9841d4a5ecc1

SHA256
4089a5d5027d9cbeb66ad4ff2e1c29580424c2fe28b585907393cc8ef06e86b2

SHA512
95ebaa6222bd1586ea353793b4403fbd68baeec8a532404a3c644828576c939cf0468de19d75d8baa7f01a5fee2baa4280dddea332347f1f8cd00731f4b7133f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

Filesize
103KB

MD5
e4945413184d65f94f64c59e9e43f686

SHA1
51bd126ccbd5e693c1441ffef1b3b51f6e46fe93

SHA256
4eb24dc9c5191b3973b26d0677b18e0181a7b64507dc3ea80f4b960d4e3bdbaf

SHA512
3bfadc9543769c21312a8e4542faf97cb41b7d1b2c6b5c8380d19adadb8a2c52d22a206479549ca4c929c02dfa08d6be6479860c5afb855dfed87ce3bc83b1b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

Filesize
21KB

MD5
dccdcfff7fc1fa6159770d4bbf8bc981

SHA1
6bd1c82f7f090e3da7314c142e879e2271dc2414

SHA256
2961c6d0661e2332b5f7a1468d4fa6452a45c7c896cd16c334f787bccc07215e

SHA512
9002668c31b77668f1b36b07e4be264c20c7bc662e72b3e4d339d84fb53c5f3f3f786662f8aebe65772b44fe8c569b447f7634c3e7cd35597df25aa2ca6f10fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

Filesize
54KB

MD5
ebefb5a4b7753a36e45d54ab5331a771

SHA1
e7b2ed71f9ff7c673e97d1f8b24e068ccd95e7bd

SHA256
7a7df6c930705ab43fc7d6ae0d983f00231709f95a9d71e1a5302a4fd91a8cfe

SHA512
48ecb72583a7fe1ac1b6206057f7466a3fdde31ee84ac7d6dba8d181947d1f15fbb2de83017a6b1c6b93c96ae35cabf88bb65e464fed32021aa87af41a13c707

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

Filesize
85KB

MD5
008d0ae10f41631bb124d78799baf5bb

SHA1
cd5956db2574b3e718d8e87f3e4af79e2a3b5e0b

SHA256
a0aee1664677fce87357ff299c236f12803be313c1838a312d779ccf1ce0e590

SHA512
e4c1c5a8d88b6e0caa60b3c6ce02c05b0b2653c478a788d9d6c330d34439a5f91acecd67dc6baa4f40cf8f4cf21a684a13162562df8e2406cd06ac3145c6216e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

Filesize
18KB

MD5
b4470ee179a4eddbb46805af908179b7

SHA1
b261ee502f6ea6d00f16f5f504b6c80196791315

SHA256
3b07d11331f77d30696cbfb8f32deea6d640836475b0cb552538803acdc20c5f

SHA512
0ab09da443ebd063bad886e97c4acac9606ee8e6b3f96fceb19bad0f7f6eb1ab5a7f0985452a159f1f5baf162f24299ee28082092db587f4dfdc9b9f32bb2572

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c

Filesize
57KB

MD5
790bd786e102953eb2a5f3c849c7a13e

SHA1
15d955ae418cbbde9eab8c224c3605c2ba5eeb49

SHA256
dd9df5a98251b8abcceb4559bd27a1d95b7fe4d93756742c7c3f9884172c2d06

SHA512
dcb161dd5e708c1250fc611fbe501a7244f89ba15cc016bce7bd7cfd8a3be7829f7eb357edeb411f65da3173231b1dca69ee3cfa41b4759fb4d1ec2655d3c473

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

Filesize
20KB

MD5
3b6c0249745552bc421b9ae64c8f266e

SHA1
ea14ece35e0ccb5bccfc6e19bceb7ac0509894f5

SHA256
8472631068d799e4c360cfb63cbcd99ea7b32c16a2359e0a94741777c7cb8329

SHA512
01903c3b635a964b8bb338370d63ac08bb9e86de1f00566c99efb1c99151a8ba8fa4d99cfd64e9a71abda745f70e1569cd687dff7602d2c1f41c61475ccaaa7d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

Filesize
51KB

MD5
6224e98ff6b7415b0ae47e36abf9e3c4

SHA1
1a3bfad5acb68ff9a0c185dbf8f9a4f60f9e272e

SHA256
3c68b9fddd2c696d76fc685a1b8236542613765692767911c19d951bb6845e99

SHA512
11a4d69456ba4b27c3ece8788ea4dcdfe4b7884ff0a5e9dee3973e17e4c9758b884c3164f018d30da0dfa035a770f7f865b44761a591154094684c1a6f1e4ba6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

Filesize
27KB

MD5
67280cb00e81e41d1364782cfa844f3f

SHA1
fd846ef1c38b70a4ade6108e34d3bda1a05f26fe

SHA256
d37ec93fd5ae1289adfedc0defcb4f2cee627776c43118a057fec4915249beff

SHA512
689a5632b2d7090461aaf80c311440b7f8d72b693f84889fb327c484f5c7d34dce68f9fc4df01434c6e49076665b17cd548aec9a7abda583792f8a960a65ff89

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

Filesize
67KB

MD5
da3c96625bb3986c431eab9d78ca7b70

SHA1
3aa6ef4fe36a44b90677c5c25dbd20d4c61bf5c4

SHA256
e2583b1cca4d53a321302a17a35b40b8e55decc16536929cd8d26a32e8df7b67

SHA512
951b28b2b915133d2380f9e2ede5cad366b80dd4616e586c20f979b95b5a87d16a1ebc3446b7bf36c94b2249cf53072a1614f95613be02e3597ef30ebbcfee39

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

Filesize
16KB

MD5
0a9825390554bd7c57605328bb44a26a

SHA1
0a06581b4cb9fbdf35471952d2bf31a164c4226e

SHA256
5595bb566286512082d4ad1911224f9f3dae4e5c6f31e04f4b56c5b264155cae

SHA512
9e22cfa649792f4651d7c5eed6d716096de4b81c3bfcd337841a250b2fb43f35918f73843bb6783f60d3c63219ea39f87d70dbb2f1a70be0ba6aaebe2b6e4193

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

Filesize
27KB

MD5
d9c3cbe2f5f2ce978f1eb9af95ca9060

SHA1
9d2254eac7bc6a92c9174a668e102efacdd631e7

SHA256
375a0eb255521fb70da8f98db377e32e6445da5fecf5835f333097848c13a4aa

SHA512
d05a6e5e37f6cf1f0af65c58766015386d69209730be8241500939c783799b76c513ce6355e6a80376bfa4706fa3cd6c856eed266abb58c3e564dd7a094ddd5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

Filesize
63KB

MD5
791506083eeea837f1ab64ec39db8a59

SHA1
bc07a7e847d048c89dc5520ac5daffb790ffb5bd

SHA256
ad0f0ea738ba150dd453977596a1b23b6ab8623763edadf1451c8d0de44ca8d9

SHA512
51a22ba435b8f310c798c3bffbcd3193eddde75727cef6c8e87cfde5a92337de761ff79e0d2b69241312ffbb657183572a7da5da32812bf79cad61b2a391d930

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036

Filesize
47KB

MD5
cd221ce2002fed2060c99e30a30e73be

SHA1
7530c53e3848717a711fa252fda8d2e59edbe327

SHA256
09ef77fbf33ba1d7d3de553da58932fc4e6cfd93a964d4f66dd7dd8b459e599f

SHA512
3e091155115416227f6ec2a04a8fdad4b123d542334cfcbe31e188cb2050b65239f3d3240f924a1fdc3bbd02911828981c344da0063405ab8df9a802134c4a79

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037

Filesize
37KB

MD5
196702a68419c60e7668c8cb20c6bf11

SHA1
067fbe7bf70fa0bbf6462a7c1f68f1476f12bf08

SHA256
13cf0357bfa13df08f8f94594a808040ddb7f0b7b084a65d02ce15d3d5ba6956

SHA512
ae6deadafe3c4282cddd86567d15c52aa1acb5af3daec629145526ca45b6018004f6e3b5614fb9e349e1f91f1465c2237038c33705cf38a6d96b7e5bb1517146

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000038

Filesize
38KB

MD5
7e33fe232ca7afb516bc29c5782c82ec

SHA1
6000b11396c01244a7462add064a68376ce2dc1f

SHA256
59607dfb31af617d562b1190faa8089a831389104acab7cf162be86ca69f54e7

SHA512
9765464ef8a1f55d73831cddde6ae2af5b4a01c89356be2fbbf0acd085cf8baaa2b4d6d4fb43df1ce74f91ab5c029fa2c9751ad6ab06178fd607de120d9a0e21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000039

Filesize
27KB

MD5
21c4292604903565614409be23913ff0

SHA1
54cfa98db60f83f6421bbb226dccc02cddff7db6

SHA256
f7ed421437858abbd6ace2db03dc8e584e84ffceea5ce17583b6263cb57978bd

SHA512
3a08df73c1ddb1a0f128cad9f5eeb8317822b0c34384996ef53473852fca5a607821085f39efff3878d8aca67165f8f3401461277594f6496f2d1c89d7ec7daf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a

Filesize
17KB

MD5
df5cf92867078462ef3e8c2285f0c665

SHA1
d40900595667a769ed24a7c37caa01b61766ffaa

SHA256
4866eb290ef9f8be5aade578f5f8d1a55fbb9f0388937aa64217549c74a86052

SHA512
beab492fa4d868a887f0599c74d831f047693f28d579ef079f8be5887a529c09d3c15687ec22aff1c8e764c1498c20e51ea6347286ac0f9d2ec4b709209fa6cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003b

Filesize
16KB

MD5
2750fcb9524ff2ebd14fa3b93f7abb84

SHA1
9b279ab0d605ff4932058f12fe8f0c69785a577d

SHA256
034d86da73cc557503fe48ef4a2b03ecd99b7984f6354ce67ebca32a921bd306

SHA512
3229df8dfd62ce7df38c7bcc58088b8bc9688511568c76fe145e02dcdbe917ae2f3acc2486f8fedc07f5d7665fac542fce0ac8868666431f86fd94a13092427d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003c

Filesize
17KB

MD5
b2f86d57da4abd2070ad8a131d726d8d

SHA1
fea7dedc12792cc4a81e6fe9d3d791c018b0cbff

SHA256
edde6ce3fd7bb15f58bbb8ad94eac62a4c922a038b70b0d542524fe53d08fd10

SHA512
5beb3210529ef73d887c2da03630cc024fb91855bb61c9587c5bb983f01f7240db6309339851b49f2c10c6299c429c5386286d71342b14eecd3ec0be3bfbfe25

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d

Filesize
30KB

MD5
85c921899d1ec10337f66d07f444c44d

SHA1
3ff2ebda5fc877bee6fc68ff0ff76b5f2e22ddea

SHA256
eb5d9118eaa40857f2f1ccc097b4962f8505ced4f0bdfd6a5ca183bea07f8059

SHA512
e8f5384dcc34175ed9265f963b2d6a759160e7c6481a49196a0c7ab5cd8feaab9cf04db659c3d44fbcfa507c5032196c78ba70a0dd383e08dd58416f3db313e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003e

Filesize
44KB

MD5
e6289c8a0280931a0c95e1f8cf65202f

SHA1
90a0fce64c9471ab4a826f898e7c531f9242af60

SHA256
c1255497dc006940abdf3c47e479293db524a3ea7f68b29ef2bb418aba8a41c6

SHA512
e3c168e70d0c10476ed95fde5b8bc0841062950c30c1a8482c5bfcb22bfb092dfbf9ed084bdfb8a2e98e729b1fc5e9c42b53fdf46ef02bbeb7d99bdb8e622b59

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003f

Filesize
40KB

MD5
bff14f9371688c357e53b60410da1f66

SHA1
962dad54941bb56a00b4fe986cfba4a43cf31a21

SHA256
c928c960e443909f0b3df9081bc67ae412300c476a60fce26dc585807f76a711

SHA512
d21398e2e2ee197bba3ac8f609a6eece28f7eb55922d0f1e1d7e358095654c0986ec97140345a1bb100c5a7fd1f4be6113172a2c5e01390d90cc153b96e4d2f6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000040

Filesize
18KB

MD5
6bc9b9ea4bfe17ce439dc8f9a93f77ea

SHA1
5052eaf2010e8eec829f9dc31cf75ecb52b1f36d

SHA256
c2b173ca633f50777681c0e31a261968bf4b043899009a70e764b7913c131d31

SHA512
fe29604502048c056cbb4b2999b8c4d95eee8ade67e297afb09188cf0a9c4823bad5c4bd780f8d1738e3b756ebbcb3cd37c0a9990489ea5b6cca04b45c09b40c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000041

Filesize
46KB

MD5
790dfa2d1ac415d3e3dfa54cd317496f

SHA1
7e73caac41e0145a3e0009268f0cebd29d73ed92

SHA256
f0861962f67cbb2217292b4469b8a0ab435f5ccf69235823dae869b45d59514c

SHA512
cc98b0151a0919dfaf0a6218f52370b7771f8c689965954fc665dd326510d716732ae906d8292f0688c0df78e3be35bd36dd45775691d4a69aff5504604577fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000042

Filesize
18KB

MD5
68018219e3ebba70a96d53e46d6c6344

SHA1
cd095adbd0f44d17c8bbaced08ca635c63a82c66

SHA256
75855e7e93f5c3dc674d10a976e7aac4ee1f493c5c05f69bf080e195fc14846c

SHA512
471225fe417a1012c9b5c5c420490270b017d3fed4bda473a45fafa43d5e62467393d7235eccffe0abed5cdddb53fbed0aa7d6dfaa48e8c4273aa9ba7fe57dd2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000043

Filesize
16KB

MD5
7c833bda6564fa908738255235451e9c

SHA1
321d9dae0ffef5a1a0b7c187fb75ae930aee00df

SHA256
cc6f87e7adb3684effd8f6faa24680b7e9b18af861139fc7497840d9d22dbe53

SHA512
82b79353ca9341e6ee3eca65e4b6218eed2c725277dbc2b9c5799881227c8b6435f78a3b68f0c9bf7062fff49fe7f41344bdf2f0a808820bd9fc9ac4f03be9ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044

Filesize
41KB

MD5
7f06a22984e23fc15a255430afe87c82

SHA1
97636338dec495a81a02801997eac94a33ab3106

SHA256
a01c958242825be84ff4170fb3033ea18609a8f8fa9ed95c0f4a76abf21e25d9

SHA512
03045df9487980f53b7a4d0327f07db6507fdfbb4d488af4ec6f2a35554e43987e0b4907c7bd678d803dd00d92d6b7a0e282da1d26492bce55b2de012406f1a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004a

Filesize
19KB

MD5
522502621a31eeb7679166fcc3ce06d2

SHA1
bb7a73cd079d8c8fc352c33f62af977ae74af51b

SHA256
af2fb87aa58032445c7a7a7b6465adaabcee921c3239815e65a4d278f0c3d7ef

SHA512
b6857be33675c179be673ef4fd070d22518f741b36e5f3ece37aafa8b699fcee353e85586c9c65a1499468e2fa2487575ec700e9c889feb2414a6a5628f532f6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000055

Filesize
36KB

MD5
647f02692cd111913e32915aedfd3247

SHA1
18b7a4a151496c9c02bec57628cbb316cb7a5677

SHA256
2e92d07920b97d4eb5881124814f8a02cd47b76dacbcc4d86e6868e5c7d4f8e2

SHA512
f39ed575f34cffb700b7aadfe68b91917bd94837c654d0681be70e52271f0be0baefe06854c62d7a27048182d10708abcf5b04baabb89750600f3b767dc625a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
216B

MD5
584257f3452cc6c6f770549b068d8bab

SHA1
3286d22884a672f5b9a0b3952cbd42e13baf6133

SHA256
6a24349fc84016c2bb97e0afde7817b6e5688e53487117f6d6a0d137c32a2b3f

SHA512
e1a367cb4aa7c8766b16513176a2d6e2b4dc8f1fe1a034860559aee45ec63f95285709e67e1341261cfa63fb570398eed6874aed78f04eacfe71ecf9aeeba258

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
5390365fd81eb07d4fe38d83f7b0d49c

SHA1
039406e9442035cae67aba44cbfc175a2f1fcbd2

SHA256
ae25607fc340b83873ea5e6f07af23d4aacf591749dcb34f92073fafe58eeb18

SHA512
dbe31ebabf9961ab7ca5251d779af11f6ac6bcd6160a86c0f57148e44e0e06d4de0c609aa10f8709891c76c4b3dfb4d1f46a98ccd9fcd8543601d2ed2cafd9f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_best.aliexpress.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
17f94652bb8e0b8073b19716427a6b6d

SHA1
5e6d63d88ef4b2108fd38e873e5ef2df93a78afa

SHA256
cdafc25600e32dc8a31379926129479db2a3be835cfb2cabb566d1d7ac614816

SHA512
14e44963598b420062569df6d4cdbd0f336f116e64d01addf9fceaa0be6575c3e0134c66415a12f7f58c5ab24f16ad36d7ba03d14c62c1a34ece581fe3ff9a31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
6e2982ee2484e81cbbf24c32136d64df

SHA1
571a11275ade458fc22c128e7d34800f37e7764d

SHA256
2d57ff58904c755a300e33eedb0d29796f7d6da393a9a2bb50550aaad0f8d22a

SHA512
c01c16c9723b2006f79f9988a45eb8a56bcf37af240c704d0b8c767f384ccf79116fed031fba72313996657d3769901ebd74de277c02fae7d0ff1879d7447ae4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
994dc7a6d4e026ed07f0f5b03ba16afb

SHA1
eb95f99acd42f9e9ddd98a8c9cfdb1f98c102dd2

SHA256
f41c15be0925fb92096c7717524731fce651b0c977632c2a436893004a082469

SHA512
2e5a5187ede594f48bd467f381c4a1780b15110b71c8395cdeb4a47d48417e5449a0db2cb7c3f6dd4ca9fc7882169cda879e84a5b987dd066b724d6732a9d86c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
d3ba47cae49232fc15dd943cc13b9491

SHA1
1d4693a5ec98c93cd5418d9641a8386a19e6c570

SHA256
1889c13a5a643682e8c46e93cd973a639f78aaf06e01f85529f5ec9b5da927b8

SHA512
e9cb08d097554cb14cbcd77619a001b95f29c406e354bb05dfbd80e38c43fbe63bb01eb6487189ffb0ede526a933670527dd342e4c9645ce11f29c29475cd331

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
ad156d2675a1b922f87d3c62760d408c

SHA1
8982a9b683c3d054104508d1d4f3b9ef86ef5e8d

SHA256
a0f217488d982e990a0528ce96d90f0cd5d192e6a555d05534850551e2e04583

SHA512
7b3900aba39fdaf14e08601f6b48e927132981a62d6392a161645c188224f288ee2aa0fec7ea597cb50d1579a970859ac59899da224d0862cba8abb049f319b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
f0083cbc34e7862dbc761e45a1a630b6

SHA1
a7cf2a937cd448c35a57bdd59e8d1faafa967c72

SHA256
913e824824f64087a64c9a76c1fdd8cbac93342a152581ab1517dddc2a2be71e

SHA512
b43915594aa771fcd55e8eb50925890a808bcd6f3261f51a7cb62597f4b35b57a391af0461a93b3d694608bea239bb2bfa966e7b9bb2c6be7df17c0a5b36a3e3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
eeaaa4de2f01e363c6c206187ffce169

SHA1
738a09253be13463ebe48c4fce32619ab31c4935

SHA256
5022e7cfc3019ce9f379397afdf7c52c8d0d0caf3d1043d83506e4aa206aacd0

SHA512
e724dac7cf1c6af5b94d17e23098649fddb8ea06edd0df6fa74d964d4641d1906570d2c83cc52be04fd2ad5d988d8f15798a8db8686ec238c46d97b12a376436

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
692a49600d0229beb9404d704764c7e8

SHA1
02be574e7782c05fb96ffa4599c010ded94b301d

SHA256
c027b83e2c5299c8c3b54dad753b33d676e92d8a78f6b2a3f0ee4c0c6f8b7b36

SHA512
9a1c6866151bfa38182540f63c273319f26b9b70303405adf56891e815f4742f74abbb6870fbdb731075af9e53d053f6fbfd9ac5680f65579b8fbf01252a81e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
34e257839f5e100c420169719a4d5bbc

SHA1
ba31f18287cfff0e78ff459dcceee125d2e54baf

SHA256
b8cbb5b2d439a8a26b7a439b7378f56c728edfba9a895d227a2a73d816696fdd

SHA512
8676d7ab99d1ab274ad6e6d88210e2a965400ebc7fd02b139157f4a9182a4db7afe7758a797e476b0ce7b8929a02bd640274abaa34ccada9febd437fc0d873fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
240B

MD5
c521ff8910318230a937ee6f49bf6b1c

SHA1
42172faf9a76c13a81c0b3ae1b050f30a4db93b7

SHA256
2037693506187fefbfcd75a0c94b0d23bc54da2f2d4073b87dbe6100523ffdae

SHA512
93ea7558f007372adf4c295a2b3c0a9b2dccb9c540c093267fd90a888c25e57119fa765bf757a0ecbeea54d9dd71aeae7f289113b18a6eddf4c056d4b9b38ef7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe587e24.TMP

Filesize
48B

MD5
8a63d27af831c63d6800874cb10c3cda

SHA1
0df7433faf68241f050f667241e1180e43b6a453

SHA256
74fd62c9f62fd0780c76522820a3a76121f91b13221bfe0d84fd4bb3ec9c59c3

SHA512
46882cdf8effec6063c83c1846c3e210bb1ff6eeda0d19b2c35ee28526f0f1c82834eca63ac82d42c1ba2404c49d03a96f326745a1ca857f95d1a15e64fb3a5e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
1541572d6581c3020e188653252be73d

SHA1
72fa7dc14feb9394f767b0c6f03d7d6da4fc4c88

SHA256
06e4021f5e1d4297a6df93a1c775eebf4410b8a34d7cdd5bbc8cfd176a30db13

SHA512
9b7af24ed0ac3599aac16f67270b876368e382e66ae6d82412cfc7956245926de19d0ca5a2c95be36ba3c0a8d3b358bce76de97a4b7dcf35b1f167d6a3b34158

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
97a85cca329ce121756251801cdb2a4b

SHA1
07fa2efa4751d47c1c7dd4f30183e5084c2dd31d

SHA256
b2c57d48a8e8ba6871f205e27965e7aaa6c32e6206c3150000cc2d9c715b406e

SHA512
f8e3c11199f4f8e7fe6a824b6e795adecb8e98936323403d159161a9e23707c10f0090212ca2d43b93ff32c1c3e5f6a09c6460101dd690f1a550eda0fee59cd9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
cb8eaf4428a7d11bf9e65d4dfbd5ca39

SHA1
3e9f8b5dd91bd0a4a0743e4686dcf22e77854666

SHA256
f685454f5de63c590f7d518b7d4c08105cdfb63070d98729aea79661aab2de49

SHA512
747a1f0d54e0c9e851e4f4191a19a2e1d35684a7cbe254a7b9cade3d7ff3896bc4c28f483e914b17a152042e3f705f52b374777dd2711edc5d6e165e2536b686

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
435ba0781dcc8e14d5a228629b783819

SHA1
2d15cc6d3011cc13972c9522dbe5a2e2c936c500

SHA256
98dd4667188684d079f03cffbffb76d0ace609a5bae5efba48ece168d1a0c368

SHA512
ea8373da17f6ec0749f13f53af7fb3cb32e12b49c3791324718b621d7e52ae4b0a95e8e66bbf33e534a71d1a9eab7e47441c4fb7e94fa23de8931b1dd80eb021

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe580114.TMP

Filesize
1KB

MD5
b08f535c5ca12c209d57d93dfa9a4b97

SHA1
f6f7a81652d82aa1034760296a81624e7b6b4269

SHA256
1d4b5d7275ad7de4d006887d07d2684197e2500163b12450b8e9ecdeb4df3830

SHA512
dedbaaaa3381f9a5413fb4e96a21b5c9c793b3fa8e63e9e9070af914b1de8cdec61240458c98309fbb99f24fceaf7a7346433cf20fa9a68846a2922dbc10c561

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
d96cd5b0b33b8b0da1012be289683f02

SHA1
eba6f31c6df931e377b1450eb34097a3a4af7f5b

SHA256
2778dbc0dd7f86d71aaba788acd32c176bd071c2d21eb53d0eb2fc981fb6e752

SHA512
a6252e257f3f2d41eee2def16a97740ac72202368d944505bf024c3e3834fd29fb5788b7d8a0313b74857f20df4e0cb71e319c28f93d449d64c0260d8bdf8be4

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
2860b30192db010726da062fb937a792

SHA1
8a5312b739d669d1721df89c7ddccc4fa01c47fa

SHA256
65db47425f25292ff3b81fdde6a2bd3e1eb7b6a86f9b1bc72298c33a51938b43

SHA512
12782000c6a7ec091dbeb219df396eb0cee342e7770bcee49284f0d24a32c4dc6b48c61e964445d562bb77bc48eaba979118950b4b6697afeede2a8e50a27b42

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
0f50ae22612805779b17557f1327ae0a

SHA1
9777d4a363316b9b520c2603a22b877fbcdaad9a

SHA256
5426cbce403a7bfc976988e4f94a46ba92924592db3cd848aabda0a482f4d4c4

SHA512
35bd32e12f516f0fe2a668b84f419d34e69308ff1578bbc079f819d68917e5680e51c7bc3a4c4619d74e7b36bc01ac3806f5cb17f85ccd849cb726d2d5bc7973

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
3cd9e9f48481670e018d097ea5f17f7e

SHA1
017594973c739b979a1c0ad3b3fb0ff3875de187

SHA256
1d6b6c00c961e2e6cdc8bfebb9af301e25d430d647f495c6bc586bf4b472041a

SHA512
bb8a2cace908815461e8dc0768179dcb0d6507ff8b43202daa65b9241ba5a39ff37d62dd3ce86722d0d0a9769ee97589188ee1be1358cabfda404c692135b04d

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
35f5ed4d466f8ddaadbf78d253f754cb

SHA1
0b275c5c1d4ef56ae756a10e6c9a74d0c9924486

SHA256
560442d99ec6e20fd35658ed3adf8aeb72318ff99f27a1f278ec281477aea5b4

SHA512
3569d66e450dc453f60f4588e04e43237682201bcf1ceac04e4cdd62edf6f02eb5852254ec59bd3ac3186ef78c2ee63b2ffbd120dc9f8c9e16cdf64075ee574e

Download Submit