hxxps://cloud[.]letsignit[.]com/collect/bc/63ea7e4610f0bb2ebf2ab929?p=EGf6L-_TO5Ll1JbMMaZI0zjUgVis4Ptz2E1sjWgApg6ZBahB0N9Dn563XAmsHkiiihcSutVJMn0Rnta9q07_QWO4Wb5FeSm4adJOCGhdy5tEz_xJUoYQqa6j1WOskSAyZMiWUwPo8UJI3EZeqfCz3AVHpATwLnM5FeMIHV_ejTM6rNkd6DqVKK15R0_k_GnM32vBxQ3l1oJ9--hiY8XclET6LsnIADRvVgADXmZrfNRdeajQu1rS161FOyrpDqV3tZEQESktuzYv1q2hMkXyag==

Resubmissions

16/05/2024, 10:12

240516-l8w3gsff3y 10

16/05/2024, 10:09

16/05/2024, 10:04

16/05/2024, 09:46

16/05/2024, 09:33

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
16/05/2024, 10:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://cloud.letsignit.com/collect/bc/63ea7e4610f0bb2ebf2ab929?p=EGf6L-_TO5Ll1JbMMaZI0zjUgVis4Ptz2E1sjWgApg6ZBahB0N9Dn563XAmsHkiiihcSutVJMn0Rnta9q07_QWO4Wb5FeSm4adJOCGhdy5tEz_xJUoYQqa6j1WOskSAyZMiWUwPo8UJI3EZeqfCz3AVHpATwLnM5FeMIHV_ejTM6rNkd6DqVKK15R0_k_GnM32vBxQ3l1oJ9--hiY8XclET6LsnIADRvVgADXmZrfNRdeajQu1rS161FOyrpDqV3tZEQESktuzYv1q2hMkXyag==

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3368	msedge.exe
3368	msedge.exe
2912	msedge.exe
2912	msedge.exe
4712	identity_helper.exe
4712	identity_helper.exe
4364	msedge.exe
4364	msedge.exe
4364	msedge.exe
4364	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs

pid	Process
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2912 wrote to memory of 1320	2912	msedge.exe	84
PID 2912 wrote to memory of 1320	2912	msedge.exe	84
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3448	2912	msedge.exe	85
PID 2912 wrote to memory of 3368	2912	msedge.exe	86
PID 2912 wrote to memory of 3368	2912	msedge.exe	86
PID 2912 wrote to memory of 1852	2912	msedge.exe	87
PID 2912 wrote to memory of 1852	2912	msedge.exe	87
PID 2912 wrote to memory of 1852	2912	msedge.exe	87
PID 2912 wrote to memory of 1852	2912	msedge.exe	87
PID 2912 wrote to memory of 1852	2912	msedge.exe	87
PID 2912 wrote to memory of 1852	2912	msedge.exe	87
PID 2912 wrote to memory of 1852	2912	msedge.exe	87
PID 2912 wrote to memory of 1852	2912	msedge.exe	87
PID 2912 wrote to memory of 1852	2912	msedge.exe	87
PID 2912 wrote to memory of 1852	2912	msedge.exe	87
PID 2912 wrote to memory of 1852	2912	msedge.exe	87
PID 2912 wrote to memory of 1852	2912	msedge.exe	87
PID 2912 wrote to memory of 1852	2912	msedge.exe	87
PID 2912 wrote to memory of 1852	2912	msedge.exe	87
PID 2912 wrote to memory of 1852	2912	msedge.exe	87
PID 2912 wrote to memory of 1852	2912	msedge.exe	87
PID 2912 wrote to memory of 1852	2912	msedge.exe	87
PID 2912 wrote to memory of 1852	2912	msedge.exe	87
PID 2912 wrote to memory of 1852	2912	msedge.exe	87
PID 2912 wrote to memory of 1852	2912	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://cloud.letsignit.com/collect/bc/63ea7e4610f0bb2ebf2ab929?p=EGf6L-_TO5Ll1JbMMaZI0zjUgVis4Ptz2E1sjWgApg6ZBahB0N9Dn563XAmsHkiiihcSutVJMn0Rnta9q07_QWO4Wb5FeSm4adJOCGhdy5tEz_xJUoYQqa6j1WOskSAyZMiWUwPo8UJI3EZeqfCz3AVHpATwLnM5FeMIHV_ejTM6rNkd6DqVKK15R0_k_GnM32vBxQ3l1oJ9--hiY8XclET6LsnIADRvVgADXmZrfNRdeajQu1rS161FOyrpDqV3tZEQESktuzYv1q2hMkXyag==
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd5eb246f8,0x7ffd5eb24708,0x7ffd5eb24718
  2⤵
  PID:1320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,6105301929482464410,2956439103310420275,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2
  2⤵
  PID:3448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2152,6105301929482464410,2956439103310420275,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2152,6105301929482464410,2956439103310420275,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2472 /prefetch:8
  2⤵
  PID:1852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6105301929482464410,2956439103310420275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:1960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6105301929482464410,2956439103310420275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
  2⤵
  PID:4436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6105301929482464410,2956439103310420275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4896 /prefetch:1
  2⤵
  PID:4540
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,6105301929482464410,2956439103310420275,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5452 /prefetch:8
  2⤵
  PID:1672
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,6105301929482464410,2956439103310420275,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5452 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6105301929482464410,2956439103310420275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1
  2⤵
  PID:4952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6105301929482464410,2956439103310420275,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3628 /prefetch:1
  2⤵
  PID:2104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6105301929482464410,2956439103310420275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
  2⤵
  PID:3820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6105301929482464410,2956439103310420275,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3688 /prefetch:1
  2⤵
  PID:4124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6105301929482464410,2956439103310420275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5956 /prefetch:1
  2⤵
  PID:5752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6105301929482464410,2956439103310420275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6128 /prefetch:1
  2⤵
  PID:5844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6105301929482464410,2956439103310420275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:1
  2⤵
  PID:5964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6105301929482464410,2956439103310420275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1
  2⤵
  PID:5972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6105301929482464410,2956439103310420275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4724 /prefetch:1
  2⤵
  PID:5180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,6105301929482464410,2956439103310420275,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1748 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4364

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5032

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2928

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ce4c898f8fc7601e2fbc252fdadb5115

SHA1
01bf06badc5da353e539c7c07527d30dccc55a91

SHA256
bce2dfaa91f0d44e977e0f79c60e64954a7b9dc828b0e30fbaa67dbe82f750aa

SHA512
80fff4c722c8d3e69ec4f09510779b7e3518ae60725d2d36903e606a27ec1eaedbdbfac5b662bf2c19194c572ccf0125445f22a907b329ad256e6c00b9cf032c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4158365912175436289496136e7912c2

SHA1
813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59

SHA256
354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1

SHA512
74b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
2168fb57529d5e5a8ffbc09662f7b450

SHA1
b3bc2649df3272b21c334997692df9748825cf9d

SHA256
df415aea5944342bcb74875ef81d4092adeafa5ee89e0efff773cdd71a2d02e4

SHA512
032ddfe3f8ff76d3b2ffa843ac2859b8dbe8710b93674b807c1247772a760108ae72857f89de69676778ece1c0de24dd9302e96d4926a7989013cac324c6499e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
1cbbe1b86dd6a7de9676b61a2e57b623

SHA1
bf6276a99f253629469333d21c54a700180d990d

SHA256
11bffa4b6abd83c86674c4ba6d824afb1916a3ffe7e8c421f8f372b6c6367f84

SHA512
49ad19c38b2c047b86fa31154d78224041b8b5853e1f4a9387746e9be4f0ba4a4b4ca6ab4e36b0a6b3ce0933f4fe1016a578b0e23f660cea1529a55b118d82ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
6db357f44ccff2f45786cf231190ddc3

SHA1
7fad321e3d05ee28780ec9ea17a5a9d5b9890dd9

SHA256
d4a9f96e5a8306f71aedf50b4dc91334d493c0850634c7c7837e1b362f481fb6

SHA512
b2d9dcb90568e0dc267a1593cbb4ee9d5a0a25800366fdca8381e03293757b873d7572157c2966299e6f39d18d410c6e2f97e6e0146fa0ef281506b95a128635

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
52b5fee2cc23d1c36b1492f1a32ee352

SHA1
af9025e8e7dbc8228dd05270ab433d149b05cc77

SHA256
c02130c4519de433e751052f98e1e3f6215f8e97616d78f711dd8e0136e8b0e3

SHA512
6c776300976aea07bc026101371eae13c4355c8e7d84637863c9c3c35695c64e27655cc069745e1e0a320835a67d6af79d656391c05dfec186a0b147d0733ff2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
ab1c1b32fdf24b7f0405d6cacb46f4e3

SHA1
7024090cc2d35fb80ec93aff7cdcc368f1cfd4d5

SHA256
5194480229cbcc22efdf8775924f335997fd0b18ef67ed6e097d3185649a5bda

SHA512
bff9890187038f404550caf31198d07fda60ab3bed1419b0d5ad5d68613ea914a6e65f224cddf7e2159d91b6b31bbe9363f72bb32770319de6f969fe56b3e386

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a24a5a369e8cc27eec1ca0827e1c94d6

SHA1
90505a6f70ffb475d8cc4aa5958bdea787f1e7b6

SHA256
cfa3cc7d0d2ca2054989569842566c40ae85de4f47c819c1a1573236ea24f8b0

SHA512
2af7dc25a7c2c01d88c304906712e652a28583c60349d13a1f3c248b3453a52cace85e82a302b156df80052cf63605e987b8874b0a12af3902462ccee2859e39

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4f91073523de3cd83a49d3a411b66958

SHA1
cf2d841e6947a217438270d2692c7887ec196c09

SHA256
33566d0ebe3e72131916e565e1d3ed8bbdab900bc116bf39c13fb5d27a1d76a6

SHA512
4dc094bbf4e560377f50ced35139bd17aa7a6ae3d370f036facd6d95425d2d15d3075f5c86d7521c531572a83ae5f67a4ff39eeaed341e58f3ebce6db3609e30

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
e1f0a23bb1409bc8535e3a7698ec81d7

SHA1
0ea0946a1dbb5df662432a1623b16c25e90a0ae4

SHA256
6e1711cb44be90b2098ca597710bcf6448c5d424bc3fae9fc18347baae096447

SHA512
1e8c6057b9505a97add01f372f2b76995d9f44d4a919cfb1959d50acadb3dd82f8e885fb13a5ed5e31589adfe9bb5f258e5ef920dd11a6051d7f8cebeb72ed50

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe587c5f.TMP

Filesize
873B

MD5
e48fec3838df54683ee78f606dfd79f3

SHA1
34c6bc5b3807b74e929b744d47d489140c03f15f

SHA256
204395475816915241b1399ffe83b888dbb305454f5e98a489de66711d2bf99a

SHA512
ed28e0548a8cb2dea39069809fb83243308fc75f05881f21e6f121d3f861888cde52e28c8962214d829d45f4d744dd17f22cb878edd048e2115fed8384ea7b59

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
b8177e55ca85040e225fc4a01fda461b

SHA1
4fb226f1693f07e4b72493563653c390188fe96f

SHA256
4e336a5224f856cf60c31e43af27bddad9a39a5b23fd13db5f35a0c4105f5d1e

SHA512
b68cb243252adf4c588fe9f4fa06c87ee43290d059fcecca16f5b302105ed40303c74b97ea2ab5f0eabbe9f1fda6e5c44518480feb687fcd770152f9a0adc884

Download Submit