Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

MICROWAVE.webp

windows10-2004-x64

3

Resubmissions

09/05/2024, 01:25

240509-bs4saadb89 8

08/05/2024, 23:29

240508-3gq6lade9x 3

08/05/2024, 23:20

240508-3bpqksfe35 3

08/05/2024, 23:17

240508-29zsrsda5v 3

08/05/2024, 23:12

240508-2663nscg6t 4

08/05/2024, 23:09

240508-25jkzsfa47 4

08/05/2024, 23:04

240508-22b2qscd7y 6

08/05/2024, 22:53

240508-2tz4labh7x 8

08/05/2024, 22:31

240508-2fqyrsba7t 7

08/05/2024, 22:31

240508-2ffg2aba5v 1

Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/05/2024, 23:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MICROWAVE.webp

  • Size

    59KB

  • MD5

    8c9beb192d4d9b3b8f605ce2f730a1d7

  • SHA1

    810a8fd46963e2cde9bc714177b893a633016e82

  • SHA256

    5e9abe7c0a9ee33a8597c5a923af28f91e90e706741c3e3191d9c261ebac78f7

  • SHA512

    25bcd758eba766fb2dbe89630ccf4a80c3913715452f46990e31d7edced41359e99a142ded140ab8106a5e1b89b8a2fca8815b64caa1aafeed86648c0fcc2f11

  • SSDEEP

    1536:ynOnmqlCB6c9CIdgYABxXIV3wYA3kKSG+VOe2asU8aaowh:OOKBf8agjlozYe2ya9h

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 12 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 19 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\MICROWAVE.webp
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1752
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\MICROWAVE.webp
      2⤵
      • Enumerates system info in registry
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
      PID:2140
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff992246f8,0x7fff99224708,0x7fff99224718
        3⤵
          PID:3636
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
          3⤵
            PID:2816
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 /prefetch:3
            3⤵
            • Suspicious behavior: EnumeratesProcesses
            PID:1832
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2976 /prefetch:8
            3⤵
              PID:4568
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
              3⤵
                PID:5080
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1
                3⤵
                  PID:452
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5220 /prefetch:8
                  3⤵
                    PID:4468
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5220 /prefetch:8
                    3⤵
                    • Suspicious behavior: EnumeratesProcesses
                    PID:3116
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4840 /prefetch:1
                    3⤵
                      PID:2548
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4836 /prefetch:1
                      3⤵
                        PID:3768
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4660 /prefetch:1
                        3⤵
                          PID:3732
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3572 /prefetch:1
                          3⤵
                            PID:1584
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
                            3⤵
                              PID:1940
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
                              3⤵
                                PID:3076
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4712 /prefetch:1
                                3⤵
                                  PID:4512
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1740 /prefetch:1
                                  3⤵
                                    PID:4188
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3580 /prefetch:1
                                    3⤵
                                      PID:1748
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2824 /prefetch:1
                                      3⤵
                                        PID:3244
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5584 /prefetch:1
                                        3⤵
                                          PID:1264
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4660 /prefetch:1
                                          3⤵
                                            PID:2000
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2780 /prefetch:1
                                            3⤵
                                              PID:4772
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1
                                              3⤵
                                                PID:5068
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1304 /prefetch:1
                                                3⤵
                                                  PID:4984
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6040 /prefetch:8
                                                  3⤵
                                                    PID:4876
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5664 /prefetch:8
                                                    3⤵
                                                    • Modifies registry class
                                                    • Suspicious behavior: EnumeratesProcesses
                                                    PID:432
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4800 /prefetch:1
                                                    3⤵
                                                      PID:3660
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
                                                      3⤵
                                                        PID:5092
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,11746145258895429238,4080736871889413296,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6408 /prefetch:2
                                                        3⤵
                                                        • Suspicious behavior: EnumeratesProcesses
                                                        PID:2932
                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                    1⤵
                                                      PID:3300
                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                      1⤵
                                                        PID:4100
                                                      • C:\Windows\system32\AUDIODG.EXE
                                                        C:\Windows\system32\AUDIODG.EXE 0x464 0x150
                                                        1⤵
                                                          PID:3192

                                                        Network

                                                        MITRE ATT&CK Enterprise v15

                                                        Replay Monitor

                                                        Loading Replay Monitor...

                                                        Downloads

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                          Filesize

                                                          152B

                                                          MD5

                                                          ce4c898f8fc7601e2fbc252fdadb5115

                                                          SHA1

                                                          01bf06badc5da353e539c7c07527d30dccc55a91

                                                          SHA256

                                                          bce2dfaa91f0d44e977e0f79c60e64954a7b9dc828b0e30fbaa67dbe82f750aa

                                                          SHA512

                                                          80fff4c722c8d3e69ec4f09510779b7e3518ae60725d2d36903e606a27ec1eaedbdbfac5b662bf2c19194c572ccf0125445f22a907b329ad256e6c00b9cf032c

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                          Filesize

                                                          152B

                                                          MD5

                                                          4158365912175436289496136e7912c2

                                                          SHA1

                                                          813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59

                                                          SHA256

                                                          354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1

                                                          SHA512

                                                          74b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
                                                          Filesize

                                                          67KB

                                                          MD5

                                                          d2d55f8057f8b03c94a81f3839b348b9

                                                          SHA1

                                                          37c399584539734ff679e3c66309498c8b2dd4d9

                                                          SHA256

                                                          6e273f3491917d37f4dbb6c3f4d3f862cada25c20a36b245ea7c6bd860fb400c

                                                          SHA512

                                                          7bcdbb9e8d005a532ec12485a9c4b777ddec4aee66333757cdae3f84811099a574e719d45eb4487072d0162fa4654349dd73705a8d1913834535b1a3e2247dc6

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
                                                          Filesize

                                                          62KB

                                                          MD5

                                                          c3c0eb5e044497577bec91b5970f6d30

                                                          SHA1

                                                          d833f81cf21f68d43ba64a6c28892945adc317a6

                                                          SHA256

                                                          eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb

                                                          SHA512

                                                          83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
                                                          Filesize

                                                          37KB

                                                          MD5

                                                          546a930636527f5356401bf758467256

                                                          SHA1

                                                          dd0b91838b627cb966c3ac627c1143aa2f516417

                                                          SHA256

                                                          870bf85856d6ad02b1303cf775c7849e7a6656c9ddd7734e5a39d4d0b4afec7b

                                                          SHA512

                                                          1d7d762e92bdbc5ce638c260c6d26c2c286f7e36fdb08798bfb25b957f2cd5562b760785dbf3c7b04fbfe19c9014a86562e470f8335a3c887b3d4b5482123f05

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
                                                          Filesize

                                                          19KB

                                                          MD5

                                                          2e86a72f4e82614cd4842950d2e0a716

                                                          SHA1

                                                          d7b4ee0c9af735d098bff474632fc2c0113e0b9c

                                                          SHA256

                                                          c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

                                                          SHA512

                                                          7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
                                                          Filesize

                                                          65KB

                                                          MD5

                                                          56d57bc655526551f217536f19195495

                                                          SHA1

                                                          28b430886d1220855a805d78dc5d6414aeee6995

                                                          SHA256

                                                          f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4

                                                          SHA512

                                                          7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
                                                          Filesize

                                                          88KB

                                                          MD5

                                                          b38fbbd0b5c8e8b4452b33d6f85df7dc

                                                          SHA1

                                                          386ba241790252df01a6a028b3238de2f995a559

                                                          SHA256

                                                          b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd

                                                          SHA512

                                                          546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
                                                          Filesize

                                                          1.2MB

                                                          MD5

                                                          25a7f8dea0207366b4b9d77569ff6f78

                                                          SHA1

                                                          57a20ac66704e6b2766c6946fafdec22f47ee79d

                                                          SHA256

                                                          502a9f82d39ef6fca4b4fc1bfd046b9736d8e232c8b1562eed0ca62d149bbfed

                                                          SHA512

                                                          db300662a1a49ae8417fb013462fc62ab20351c9c458cb60b0b22ec89c1cba410ae03301cefa6464dc58ed332ceb8a2d67eb6b8078c7f2127729594126133024

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                          Filesize

                                                          2KB

                                                          MD5

                                                          c796af4804c7ae45ecfe4f8d79d2432c

                                                          SHA1

                                                          bdb84fd919549689f7fcbdcd24fe3e5827fee0b8

                                                          SHA256

                                                          d4b92da06cc183d3cc0c9f3d9b5a75a5c914e9d39f131b7c0c90602f3cb9de5e

                                                          SHA512

                                                          5c00cf2fdfdc2c45d859129570fb48c89203f8e3a447bb42190ebcd26b875d4205f5057be1cf1419d68d490dc348ee50cb810beb698a1ff189ae4dda5cc9dc5c

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                          Filesize

                                                          541B

                                                          MD5

                                                          967c5ffc8afbdc13d6c19c14330270a1

                                                          SHA1

                                                          82306dd897400999e477639e531c69826a6d7aa0

                                                          SHA256

                                                          2be270cba18e8f886c242f3cdf7df029494856fe401bea84e2fe8bdb84a9608b

                                                          SHA512

                                                          6152007e603798e544dba79abeff73dd3d7f8de0e9404065ce627de7270e14a6b6ca050ddadc24741d8cbef0af90b2464190e7c773ad5482dda067d7dfc39e1a

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                          Filesize

                                                          6KB

                                                          MD5

                                                          8e02f3cd2e09b92d747f9bc7579a87b1

                                                          SHA1

                                                          584b6e738ed2403fd0d76fcc8bbbc4a7db25ac39

                                                          SHA256

                                                          dfa29a16815703f95404cb1144a66caae2e97bd339047c84716e45246b4ba80f

                                                          SHA512

                                                          716cdbff65a1d22e2ed5e6ccf3a7fe77b41d24f324944a6fe44802a63d0e2ffe66e25cd9ee5fc02bbef1363f08442d7861f696cbb1134a1631726fadd3ad36c1

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                          Filesize

                                                          6KB

                                                          MD5

                                                          806d3dc4345b7dd9220aa116ae827e9a

                                                          SHA1

                                                          0634ba6e2a365b6c64f244b24a5a3e3220f4ee1d

                                                          SHA256

                                                          9fe2e48e152897f1d06018b666a988b8ecdb7479fb57199e760164174f50456c

                                                          SHA512

                                                          aa5a8ba679fc6bd8efe58f9bf365886e7eab47f4b4b2669dd4a8080ef0b361ffd22a9dd15e15d808816536a6b37ca2cf4c6b7f5c5aceb536dbd9c4f4d94ee337

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                          Filesize

                                                          6KB

                                                          MD5

                                                          17288b95c01d04df872bdff2dbeb0276

                                                          SHA1

                                                          925ebcdd635f0028987394d4269bb73ec59ecf17

                                                          SHA256

                                                          be5e4a49ba96c87a246ab6b0ffbad4c769835ba231829d041a2e37adeca01ea6

                                                          SHA512

                                                          dd115c09cc1219f034138e1b69b3ad4d311f2d2da5cfcfe371dea584fe284d5b91c76a0324fa906c2ae7549b8e8b404400bdd261c08e9ed68a354687fe7606ba

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                          Filesize

                                                          6KB

                                                          MD5

                                                          2f033ca0b549ccb0ca66220dafd7b39a

                                                          SHA1

                                                          f429a85da8c81bd3f8967d522c1f18937374d6a2

                                                          SHA256

                                                          a8ec40a079def5922df86859a1a696bdaad4de78e6ea018132b9453e7fcade94

                                                          SHA512

                                                          3db742f36cecc5c281d4bf25c9706318470f89265c4f39772e7d56fabd8d3d847650e1ef41b7678f00be483902cd24b93189c6c56769e941ff3f70c60287d77f

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                          Filesize

                                                          16B

                                                          MD5

                                                          46295cac801e5d4857d09837238a6394

                                                          SHA1

                                                          44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                          SHA256

                                                          0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                          SHA512

                                                          8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                          Filesize

                                                          16B

                                                          MD5

                                                          206702161f94c5cd39fadd03f4014d98

                                                          SHA1

                                                          bd8bfc144fb5326d21bd1531523d9fb50e1b600a

                                                          SHA256

                                                          1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

                                                          SHA512

                                                          0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\e5789787-0c19-4e29-8452-1a8b75e8d085.tmp
                                                          Filesize

                                                          6KB

                                                          MD5

                                                          f13df4bf0edcfb73d772b4886e52967a

                                                          SHA1

                                                          f1bdf004eb7251b6bf77f4932658e223684167cb

                                                          SHA256

                                                          151413e6d7c6233e221c194d97f065d9573177a8b5b59450796e277bc7972715

                                                          SHA512

                                                          37f8051f558be7b42aa27fb808115fb31af36b89f403be473a73bccb807771c9b88bcb0741c8f51112726b04454a4d0e6fc5a095675c40c60b3d562e2df8f545

                                                          Download Submit

                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                          Filesize

                                                          11KB

                                                          MD5

                                                          bbe76124437a6eb25b4d806c59b92d64

                                                          SHA1

                                                          1cff8fe81374061a57d439a381d59f84bfbdca1a

                                                          SHA256

                                                          7da5e351e83eb71bcf95c19b0e49ba5cf40db7f2c10be1fb78a61528b51a2d57

                                                          SHA512

                                                          d7fa087a3be9a5eb79fe5c0afb410736403e4e96aba20f125db77391378b4f41b967e72bec110b11a2500a6e4a3eed20feefe1451f5188cb765da458297afa39

                                                          Download Submit